AWS introduced Verified Access. The service allows users to set conditions that devices must meet to access applications. AWS positions Verified Access as a more effective alternative to virtual private networks (VPNs).
During the announcement, the tech giant pointed out the disadvantages of VPNs. According to AWS, management is complex. The tech giant stated that policies are typically determined by multiple separate systems, including gateways, firewalls and software. “Customers told us that policy updates can take months to roll out”, the organization said.
AWS Verified Access serves the same purpose as VPNs. The new service allows admins to control which devices can access applications. Unlike the average VPN environment, the conditions that devices must meet can be managed in a single system. In addition, end users don’t need a VPN client to connect to applications. A browser plugin is sufficient.
AWS Verified Access
Sébastien Stormacq, Developer Advocate at AWS, demonstrated the service in a blog post. Each step of the configuration takes place in the AWS Management Console. The process starts by linking an identity management system. Administrators can then set access conditions for each application and user.
Stormacq kept things simple by making a web application accessible to any user with a mail address ending in @aws.com. In practice, conditions can be based on user groups. For example, administrators can make a financial reporting application exclusively accessible to finance employees.
Third-party device management solutions allow for more complex conditions. AWS Verified Access supports integrations from multiple software vendors, including Jamf.
Among other things, Jamf’s software allows users to monitor the software versions and IP addresses of Apple devices. The integration of Jamf and AWS Verified Access lets administrators incorporate such data into application access conditions.
As a result, it becomes possible to deny access to devices with an unknown IP or outdated operating system. AWS Verified Access is now available in 10 AWS regions, including Europe. Costs are usage-based.
Techzine is attending AWS re:Invent this week. Keep an eye on the website for more. You can find the most important news in this overview.