© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ALB Authentication: Identity Management at Scale with Netflix
Will Rose
Senior Security Engineer
Netflix Information Security
NET204
Agenda
Netflix Identity Principles
In Practice
ALB Authentication
Discussion
Principle
Federate Everything
Every. Single. App.
Single Sign On Standards
OpenID Connect and OAuth
SAML
Make It Easy To Do The Right Thing
…and difficult to do it wrong
Principle
Developer Self-Service
Simple onboarding
Expertise not required
Immediately available
No approval required
Principle
Device Health Checks
User Focused Security
Engage with users to improve device security
Stethoscope
Open Source tool from Netflix to report on device health status
Integrated with Netflix Identity Platform
Influences user’s authentication experience
Principle
Adaptive Multi-Factor Authentication
Contextual step-up authentication using:
Application Sensitivity
Usage patterns and behaviors
Device Health Status
User Agent Recognition
Geographic Location
Landscape
Hundreds of applications, growing daily
With Great Freedom comes…
Great Variability
Languages and Frameworks galore
Identity Challenges
Just use Client Libraries to Federate!
Always playing catch-up to new languages and frameworks
Open source options of varying quality and completeness
Developer friction around configuration
Identity Challenges
Ok, then just use Authenticating Proxies!
Additional critical infrastructure to maintain
Potential bottlenecks and new failure modes to address
Additional infrastructure cost to operate
Proxy Layer
Application Layer
Please select one
C. None of the above
Crazy Talk
Auth == Undifferentiated Heavy Lifting!
Why not Application Load Balancers!?
Let’s talk to Amazon!
Please?
Alphabet Soup
Ingredients
1 x AWS
1 x ALB
1 x OIDC
Simmer for 6 months
Serves: everyone
Under the Hood
X-Amzn-OIDC-Identity: will.rose@domain.com
X-Amzn-OIDC-Access-Token: 1waGF…YW50
X-Amzn-OIDC-Data: eyJhbG...y4MbQQ
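How a backend can check these headers before trusting them, as an added example (not code from the talk or from Netflix): `X-Amzn-OIDC-Data` is an ES256-signed JWT, and the sketch verifies its signature, the `signer` ALB ARN in the JWT header, the expiry, and that `X-Amzn-OIDC-Identity` equals the signed `sub` claim. Assumptions: `key_for_kid` is a hypothetical lookup returning the ALB public key as an `(x, y)` point, the ARN, `kid` and key are constructed sample values, and the pure-Python P-256 arithmetic stands in for a vetted crypto library so the block runs offline.

```python
import base64, hashlib, json, time

# NIST P-256 parameters (the curve used by ES256); the coefficient a is -3.
P = 0xffffffff_00000001_00000000_00000000_00000000_ffffffff_ffffffff_ffffffff
N = 0xffffffff_00000000_ffffffff_ffffffff_bce6faad_a7179e84_f3b9cac2_fc632551
G = (0x6b17d1f2_e12c4247_f8bce6e5_63a440f2_77037d81_2deb33a0_f4a13945_d898c296,
     0x4fe342e2_fe1a7f9b_8ee7eb4a_7c0f9e16_2bce3357_6b315ece_cbb64068_37bf51f5)

class OidcDataError(Exception):
    """The ALB identity headers failed validation and must not be trusted."""

def point_add(p, q):
    # Affine point addition; None is the point at infinity.
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        m = (3 * x1 * x1 - 3) * pow(2 * y1, -1, P) % P
    else:
        m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def scalar_mul(k, p):
    # Double-and-add scalar multiplication (not constant time).
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, p)
        p, k = point_add(p, p), k >> 1
    return acc

def b64url_decode(seg):
    # ALB keeps '=' padding on its JWT segments; accept them with or without it.
    seg = seg.rstrip("=")
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).decode()  # padding kept, as ALB sends it

def es256_verify(pub, msg, sig):
    # ECDSA verification of a raw 64-byte r||s signature over SHA-256(msg).
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if len(sig) != 64 or not (0 < r < N and 0 < s < N):
        return False
    z, w = int.from_bytes(hashlib.sha256(msg).digest(), "big"), pow(s, -1, N)
    pt = point_add(scalar_mul(z * w % N, G), scalar_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def verify_oidc_data(token, expected_signer, key_for_kid, now=None):
    """Return the verified claims of an X-Amzn-OIDC-Data value, or raise."""
    try:
        h64, p64, s64 = token.split(".")
        header, sig = json.loads(b64url_decode(h64)), b64url_decode(s64)
    except (ValueError, AttributeError) as exc:
        raise OidcDataError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "ES256":
        raise OidcDataError("unexpected alg")
    if header.get("signer") != expected_signer:
        raise OidcDataError("signed for a different load balancer")
    kid = header.get("kid")
    pub = key_for_kid(kid) if isinstance(kid, str) else None
    # The signature covers the two segments exactly as received.
    if pub is None or not es256_verify(pub, f"{h64}.{p64}".encode(), sig):
        raise OidcDataError("bad signature")
    claims = json.loads(b64url_decode(p64))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise OidcDataError("expired")
    return claims

def identity_from_headers(headers, expected_signer, key_for_kid, now=None):
    """Trust X-Amzn-OIDC-Identity only if it equals the signed sub claim."""
    claims = verify_oidc_data(headers.get("X-Amzn-OIDC-Data", ""),
                              expected_signer, key_for_kid, now)
    sub = claims.get("sub")
    if not sub or headers.get("X-Amzn-OIDC-Identity") != sub:
        raise OidcDataError("identity header does not match signed claims")
    return sub

def make_demo_token(priv, header, claims, k=0x1234567):
    """Constructed test data only: throwaway key and a fixed nonce k."""
    msg = ".".join(b64url_encode(json.dumps(part).encode()) for part in (header, claims))
    z = int.from_bytes(hashlib.sha256(msg.encode()).digest(), "big")
    r = scalar_mul(k, G)[0] % N
    s = pow(k, -1, N) * (z + r * priv) % N
    return msg + "." + b64url_encode(r.to_bytes(32, "big") + s.to_bytes(32, "big"))

# Constructed sample values (not from the talk): ARN, kid and key are made up.
DEMO_ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/app/demo/0123456789abcdef"
DEMO_PRIV = 0xC0FFEE
DEMO_KEYS = {"demo-kid": scalar_mul(DEMO_PRIV, G)}

def demo_headers():
    header = {"alg": "ES256", "kid": "demo-kid", "signer": DEMO_ARN}
    claims = {"sub": "will.rose@domain.com", "exp": 2000}
    return {"X-Amzn-OIDC-Identity": "will.rose@domain.com",
            "X-Amzn-OIDC-Data": make_demo_token(DEMO_PRIV, header, claims)}

if __name__ == "__main__":
    print(identity_from_headers(demo_headers(), DEMO_ARN, DEMO_KEYS.get, now=1000))
```

The plain `X-Amzn-OIDC-Identity` header carries no signature of its own, so the backend should also accept traffic only from the load balancer (for example through security group rules).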
Adoption
Native Spinnaker integration
Fully self-service with only a few clicks
No new infrastructure required
Identical integration experience across all languages
Our recommended integration path for all applications
Thank you!
Will Rose
wrose@netflix.com

Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

ALB User Authentication: Identity Management at Scale with Netflix (NET204) - AWS re:Invent 2018

  • 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. ALB Authentication: Identity Management at Scale with Netflix. Will Rose, Senior Security Engineer, Netflix Information Security. NET204
  • 3. Agenda: Netflix Identity Principles; In Practice; ALB Authentication; Discussion
  • 5. Principle: Federate Everything. Every. Single. App. Single Sign On Standards: OpenID Connect and OAuth; SAML. Make It Easy To Do The Right Thing …and difficult to do it wrong
  • 6. Principle: Developer Self-Service. Simple onboarding: Expertise not required. Immediately available: No approval required
  • 7. Principle: Device Health Checks. User Focused Security: Engage with users to improve device security. Stethoscope: Open Source tool from Netflix to report on device health status; Integrated with Netflix Identity Platform; Influences user’s authentication experience
  • 8. Principle: Adaptive Multi-Factor Authentication. Contextual step-up authentication using: Application Sensitivity; Usage patterns and behaviors; Device Health Status; User Agent Recognition; Geographic Location
  • 10. Landscape: Hundreds of applications, growing daily. With Great Freedom comes… Great Variability. Languages and Frameworks galore
  • 11. Identity Challenges: Just use Client Libraries to Federate! Always playing catch-up to new languages and frameworks; Open source options of varying quality and completeness; Developer friction around configuration
  • 12. Identity Challenges: Ok, then just use Authenticating Proxies! Additional critical infrastructure to maintain; Potential bottlenecks and new failure modes to address; Additional infrastructure cost to operate. Proxy Layer; Application Layer
  • 13. Please select one: C. None of the above
  • 15. Crazy Talk: Auth == Undifferentiated Heavy Lifting! Why not Application Load Balancers!? Let’s talk to Amazon! Please?
  • 17. Alphabet Soup. Ingredients: 1 x AWS; 1 x ALB; 1 x OIDC. Simmer for 6 months. Serves: everyone
  • 18. Under the Hood:
        X-Amzn-OIDC-Identity: will.rose@domain.com
        X-Amzn-OIDC-Access-Token: 1waGF…YW50
        X-Amzn-OIDC-Data: eyJhbG...y4MbQQ
  • 19. Adoption: Native Spinnaker integration; Fully self-service with only a few clicks; No new infrastructure required; Identical integration experience across all languages; Our recommended integration path for all applications
  • 20. Thank you! Will Rose, wrose@netflix.com
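
The "Under the Hood" slide shows the headers the ALB forwards; of the three, X-Amzn-OIDC-Data is a signed JWT, so a backend can check it before trusting the identity. The following is an added example, not code from the talk or from Netflix: it assumes the JWT header carries `alg`, `signer` and `exp` as AWS documents for ALB authentication, takes the ALB public key as an (x, y) point instead of fetching it by `kid`, and uses a pure-Python P-256 check only so it runs without dependencies (a deployed service would use a vetted JOSE library).

```python
import base64, hashlib, json
# NIST P-256 domain parameters (FIPS 186-4): field prime, group order, base point.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)

def b64url(seg):  # ALB emits padded base64url; accept it with or without '='
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def ec_add(p, q):  # affine addition on P-256; None is the point at infinity
    if p is None or q is None:
        return q if p is None else p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 - 3, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    acc = None
    while k:
        acc = ec_add(acc, pt) if k & 1 else acc
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def es256_ok(pub, msg, sig):
    # JWS ES256 signatures are raw r || s, 32 bytes each (not DER).
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if len(sig) != 64 or not (0 < r < N and 0 < s < N):
        return False
    e, w = int.from_bytes(hashlib.sha256(msg).digest(), "big"), pow(s, -1, N)
    pt = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def verify_alb_jwt(token, pub, expected_signer, now):
    # Returns the claims only if alg, signer, exp and signature all check out.
    try:
        h, p, s = token.split(".")
        hdr = json.loads(b64url(h))
        if (hdr.get("alg") != "ES256" or hdr.get("signer") != expected_signer
                or int(hdr.get("exp", 0)) <= now):
            return None
        ok = es256_ok(pub, f"{h}.{p}".encode(), b64url(s))
        return json.loads(b64url(p)) if ok else None
    except (ValueError, TypeError, AttributeError):
        return None
```

Pinning `signer` to the ARN of the expected load balancer is what ties the token to this ALB rather than to any ALB able to produce a valid signature.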