We are not using ADFS when we log onto AWS servers - amazon-web-services

I am going over IAM topic. Understood about Active Directory Federation service (ADFS). We just started on a project. We are going to host a vendor product that we use here on premise onto AWS. I RDP (remote into) into AWS 2012 servers from my office network. When I log onto AWS windows 2012 servers, I see my credentials already on AWS servers. I am pretty sure we are not using ADFS to authenticate users. What else could we be using when we RDP onto AWS servers. I can see my on premise file servers when I log onto AWS servers. Is it possible that when our cloud platform engineers have setup AWS servers, they configured in such a way we can see our on prem servers?

I'm assuming you used your domain credentials to RDP to the servers in AWS... The AWS servers would need to be joined to the domain and there would need to be a route from the VPC in AWS back to your on-prem infrastructure in order for either of those things to work, so it sounds like it was configured prior to you logging onto it.

Related

Recommended component to use in aws to connect to on-premise services

I have tried to search relevant info but couldn't find anything relevant. Please point me to some links on this.
I would like to know what is the best way to:
Connect to on-premise SOAP services from AWS cloud
on-premise Java RMI services
on-premise FTP to exchange files
Thanks
Connecting to SOAP, Java RMI or FTP service on-premise is something that will part of your application logic implementation. Which infrastructure you choose to deploy your application is a matter of choice depending on factors like what knowledge you have, what other application requirements you have and so on. Provided that you have configured your on-premise servers so that they are available on the public internet, you can choose to deploy your application using any server hosting option. For AWS specifically, EC2, Elastic Beanstalk and container options EKS and ECS comes to mind in addition to Lambda.

I just Need to create centralized DNS/LDAP for 3 cloud provider AWS, GCP, Alibaba

I Need to create a centralized DNS server or LDAP for All the cloud platform ..AWS, GCP, Alibaba.
Need a tools name and what is the approach to get this done?
If you run DNS and LDAP servers in real VMs you can use any DNS server and any LDAP server product provided the products support replicating the data over TCP and you set up network connection between all the different public cloud deployments.

How to restrict access to EC2 Spring Boot based REST endpoints

I have static web hosted on AWS S3 and Spring Boot based REST application running on EC2.
How would I restrict access to EC2? Currently, I have opened access to world on 8080 port, but this is not what i would like to have when I migrate to production. If I do not open access to world, I have connection timeout error in the browser's console.
Is there some way to allow only S3 based bucket to see EC2 instance and revoke world access?
But the code isn't running on the "S3 based bucket", it is running in each of your user's browsers. So you have to allow access to the world since you don't know ahead of time each IP address of each user you will ever have.
You should look into something like JSON Web Tokens or AWS Cognito or at least use API Keys.

Setup Federation of Windows AD in AWS

I am new to AWS i am trying to federate aws access with my active directory. So far i have created a Windows Server 2008 [ec2 instance] in a VPC on aws. I have installed AD, DNS, ADFS. I followed all the steps mentioned in this link --> http://blogs.aws.amazon.com/security/post/Tx71TWXXJ3UI14/Enabling-Federation-to-AWS-using-Windows-Active-Directory-ADFS-and-SAML-2-0
I was successful in creating the Windows active directory but i am not able to access it outside the VM. I have created a elastic ip and associated it with that instance as well, since it is created in a VPC.
My requirement is to access the aws management console with my AD details in place of IAM.I am struck with this i don't know where to go from here.
I am very new to AWS, sorry if my terms are wrong.. Kindly help me with this.

Setting up an Amazon Server with Go Daddy

I am trying to set up an Amazon Server to host a dynamic website I'm currently creating. I have the domain bought on GoDaddy.com, and I believe that what I've done so far has linked the domain to my Amazon account.
I followed this tutorial : http://www.mycowsworld.com/blog/2013/07/29/setting-up-a-godaddy-domain-name-with-amazon-web-services/
In short, this walked me through setting up and Amazon S3 (Simple Storage Service) and Amazon Route 53. I then configured the DNS Servers, and my website now launches properly on the domain.
I'm not sure on the next step from here, but I would like to set up:
-A database server
-Anything else that might be necessary to run a dynamic website.
I am very new to hosting websites, and semi-new to web development in general, so the more in depth the better.
Thanks a lot
You have two options on AWS. Run an EC2 server and setup your application or continue to use the AWS managed services like S3.
Flask apps can be hosted on Elastic Beanstalk and
your database can be hosted on RDS (Relational Database Service). Then the two can be integrated.
Otherwise, spin up your own t2.micro instance in EC2. Log in via ssh and set up the database server and application like you have locally. This server could also host the (currently S3 hosted) static files too.
I have no idea what your requirements are, personally I would start with setting up the EC2 instance and go from there as integrating AWS services is without knowing what you need is probably not the easiest first step.
Heroku might be another option. They host their services on AWS and give you an end to end solution for deploying and running your python code without getting your hands dirty setting up servers.