Zero Trust Web Applications on AWS

Building secure applications, although required, is not a trivial task: understanding different authentication flows, token storage and lifecycle management, designing permissions models (RBAC, ABAC), etc. which is not only complex to design and build but also does not directly add any business value to your applications.

Besides, as systems grow the complexity of managing authentication and authorization across multiple users, services, and devices further increases. Scalability and maintainability become a concern, requiring thoughtful design and implementation.

In this session we demonstrate how to develop a Zero Trust mentality from Day 1, building on proven practices with customers and leveraging services such as Amazon Verified Access and Amazon Verified Permissions to delegate undifferentiated heavy lifting to AWS.