Feeds

AWS taps social networks for identity verification

Log in with Amazon, Facebook, Google, to your cloudy app

HP ProLiant Gen8: Integrated lifecycle automation

Amazon Web Services makes most of its money out of its infrastructure services, but that isn't stopping Bezos & Co from trying to broaden the remit of their cloud.

One way to make AWS more attractive to devs (and thus use more services) is to have them build entire web sites on top of AWS, and to do this Amazon needs to produce technologies that solve major headaches, like social identity management.

The AWS Identity and Access Management service now supports log-ins from Google, Facebook or Amazon.com identities, the company announced in a blog post on Tuesday.

"Web identity federation enables your users to sign in to your app using their Amazon.com, Facebook, or Google identity and authorize them to seamlessly access AWS resources that are managed under your AWS account," Jeff Wierer, AWS's principal product manager for Identity and Access Management, wrote.

"If you are building a mobile or a client-based application, you can now integrate these three popular identity providers and authorize users without any server-side code and without distributing long-term credentials with the app."

The technology introduces a new Security Token Service API command AssumeRoleWithWebIdentity which requests a temporary security credential for customers who have been authenticated via Amazon.com, Facebook, or Google.

AWS Identity

Identity federation lets you sandbox social users

This lets developers give users a temporary pass which allows them to fiddle with AWS cloud resources without the developer needing to write a sophisticated backend to accommodate them.

Some example applications that can be built with the service include giving users the ability to log-in to an app, create a web avatar and upload it into the application's S3 storage.

Though the service looks to be handy for developers it also introduces a trade-off in forcing encouraging them to write more AWS-specific apps that can make use of the Identity Management suite – something major AWS developers are unlikely to sweat over, but which could introduce problems for application portability should they ever choose to migrate away from Bezos & Co's cloud. ®

Reducing security risks from open source software

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
SHOCK and AWS: The fall of Amazon's deflationary cloud
Just as Jeff Bezos did to books and CDs, Amazon's rivals are now doing to it
Amazon Reveals One Weird Trick: A Loss On Almost $20bn In Sales
Investors really hate it: Share price plunge as growth SLOWS in key AWS division
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
The triumph of VVOL: Everyone's jumping into bed with VMware
'Bandwagon'? Yes, we're on it and so what, say big dogs
Carbon tax repeal won't see data centre operators cut prices
Rackspace says electricity isn't a major cost, Equinix promises 'no levy'
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.