<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon
Blog / AWS

AWS re:Invent 2023 Recap: RDS for Db2, EKS Pod Identity & More

re:Invent 2023 was AWS’ 12th conference, and it did not disappoint. More than 50,000 of us descended onto Las Vegas for a week of learning, networking, and discussing all things cloud. The campus was insanely large, spanning most of the Las Vegas strip, so that meant we got our steps in! We had some fun along the way, as well, at the many social gatherings, parties and amazing musical experience re:Play. 

It was great to hear Adam Selipsky, CEO of AWS say at his keynote:

“re:Invent remains, above all, a learning conference”

And this is so true. Tons of sessions were available to learn from. As for StrongDM, we learned tremendously… from our customers, future customers, and friends old and new. 

We also listened intently. We enjoyed the thousands of conversations our executives and booth staff had in our booth during the week. Some of them were sobering and timely conversations about security issues that could be corrected with our help. We heard you loud and clear that you want more out of your access management solution. You want to rip out your legacy PAM and bring in true Dynamic Access Management that spans your legacy and cloud-native environments. You want to achieve actual wins that don’t just sound good on a white paper: You want Zero Standing Access, Zero Standing Privileges, and Zero Exposed Credentials.

strongdm-team-aws-reinvent-2023

StrongDM Continuous Zero Trust Authorization

Our CTO, Justin McCarthy, also presented something revolutionary on opening night: Continuous Zero Trust Authorization with Strong Policy Engine. Justin showed off how we’ll have real-time monitoring of access and operations across your infrastructure and the ability to enforce contextual access policies in real time. People were amazed and commented to us that this is not the PAM they know and hate. We built our new Strong Policy Engine on top of the AWS Cedar policy language, which allows us to implement an extremely fast and fine-grain in-line authorization engine that can make access decisions in milliseconds while the session is active. 

From Sarah Cecchetti, Head of Product, Cedar, AWS:

“Software teams are building new applications for different use cases, and their security tooling must keep pace with them. They need ways to evaluate access continuously, not just at the point of entry. This includes robust security policies that are enforced in real time, all the time, and policy decisions that are informed by knowledge of the context on the ground. AWS created the Cedar policy language as a building block so that companies like StrongDM can build provable security into a new class of tools that are both easy and reliable. This next step in Zero Trust authorization has been a long time coming, and we're incredibly excited for this launch.” 

We are excited to be working on this new evolution in dynamic access and will be making more announcements in the coming months. 

Notable Announcements from AWS

It’s no surprise that AWS makes major announcements of new or updated services every year, and 2023 was no exception. Of those many announcements, we picked a few that we think are important to call out.

1. Amazon RDS for Db2

IBM Db2 is now fully managed and part of Amazon RDS. Databases have been near and dear to us since the very beginning, and we’re pleased to announce that we have out-of-the-box support for the newest flavor of RDS. Read more details here.

2. IAM Access Analyzer Updates: Unused Access

We’re huge fans of finding, reporting, and removing unused access, and welcome the newest capabilities in AWS IAM that allow our mutual customers to get closer to nuking unused and standing access once and for all. With this new capability, AWS allows admins to review unused IAM users/roles, access keys, passwords, services, and actions. We like the sound of that.

3. Amazon EKS Pod Identity

EKS specifically, and Kubernetes as a whole, is one of our favorite resource types that we support. We like to see AWS implement this new feature in EKS that allows EKS admins to configure new pods to have IAM roles associated with Kubernetes service accounts, giving pods finer grain access controls and least privilege access to AWS services. 

There were many, many more announcements, too many to list here, but we’ll make an additional honorable mention: the innovation of AWS’ oldest service, S3, continues! Just ask our CEO, Tim Prendergast, who met S3 Bucket in real life!

tim-amazon-s3-cup

Looking Ahead

We look forward to what AWS will have in store for the cloud world at its premiere event next year. We are certain that we will continue to evolve Dynamic Access Management for the modern world. Who knows, you may even see us in Philly for re:Inforce… In the meantime, follow our StrongDM loves AWS page.

I don’t know about you, but I think I need to soak my aching feet for another week after all that walking!

Want to see StrongDM in action? Book a demo.


About the Author

, Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

How to Automate Continuous Compliance in AWS with StrongDM
How to Automate Continuous Compliance in AWS with StrongDM
Enterprises seek ways to effectively address the needs of dynamic, always-evolving cloud infrastructures, and StrongDM has developed a platform that is designed with built-in capabilities to support continuous compliance in AWS environments.
StrongDM Releases Cedar-Go 1.0.0: Policy-Based Authorization for Go Developers
StrongDM Releases Cedar-Go 1.0.0: Policy-Based Authorization for Go Developers
StrongDM releases Cedar-Go 1.0.0, delivering policy-based authorization for Go developers. Build secure, high-performance apps with Cedar’s powerful framework—now Go-native. Simplify access control, scale effortlessly, and keep security simple.
Why Just-in-Time Access Is Key for Zero Trust Security in AWS
Why Just-in-Time Access Is Key for Zero Trust Security in AWS
Learn why Just-in-Time (JIT) access is essential for Zero Trust security in AWS environments. Discover how StrongDM's JIT access enhances security, optimizes workflows, and ensures compliance with Zero Trust principles.
Cedar for Kubernetes: Authorization That Speaks Your Language
Cedar for Kubernetes: Authorization That Speaks Your Language
By simplifying the ability to enforce granular policies, Cedar has set a new benchmark for access control in Kubernetes, and we’re thrilled to be part of this journey. This evolution is a milestone for anyone dedicated to securing cloud infrastructure.
Cedar Go Implementation: Simplifying Security for Developers
Cedar Go Implementation: Simplifying Security for Developers
We are pleased to announce that Amazon has accepted StrongDM's native Go implementation of Cedar into the Cedar Policy Organization's official GitHub repository. This allows Go developers to use Cedar, a security and authorization framework built to be fast, secure, and analyzable natively in their Go programs.