• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

AWS Verified Access is Now Generally Available

AWS Verified Access is a networking service that uses zero trust principles to give organizations secure access to applications without a VPN.

May 2, 2023 Zachary Comeau Leave a Comment

AWS Amazon Security Lake
stock.adobe.com/gguy

Amazon Web Services is launching the general availability of AWS Verified Access, a new networking service designed to use zero trust principles to give customers secure access to corporate applications without a VPN.

According to the company, AWS Verified Access reduces the risks associated with remote connectivity by enabling customers to implement a work-from-anywhere model in a secure and scalable manner.

AWS first announced AWS Verified Access during re:Invent 2022 when it was released as a preview, and the company has since added two new features to enhance the product: an integration with AWS Web Application Firewall and support for passing signed identity context to application endpoints.

According to AWS, Verified Access’ integration with AWS Web Application Firewall (WAF) protects web applications from application-layer threats. This allows users to filter out common exploits such as SQL injection and cross-site scripting using AWS WAF while enabling AWS Zero Trust based fine-grained access for applications using user identity and device security status.

“AWS WAF lets you monitor the HTTP(S) requests that are forwarded to your protected application endpoints,” the company says in a blog. “You do this by defining a web access control list (Web ACL) and then associating it with one or more Verified Access instances you want to protect.”

The company says AWS WAF is enabled on a per Verified Access instance basis and adheres to the rules IT professionals define for application endpoints. When a user requests access to an application behind Verified Access, AWS WAF will inspect the HTTP request. Using AWS WAF rule statements, IT can provide matching criteria and the action to take on matches, including permitting or blocking the traffic. AWS WAF permits or blocks the traffic before handing the traffic over to Verified Access for an endpoint policy evaluation.

In addition, Verified Access now supports passing signed identity context to application endpoints. Previously, users would request access to the application behind Verified Access with both identity and device claims, but the claims were not available to the end applications.

Verified Access now passes signed identity context, including things like email, username and other attributes from the identity provider to the applications, AWS says.

“This enables you to personalize your application using this context, eliminating the need to re-authenticate the user for personalization,” the company says. “The signed context allows the application to verify cryptographically that Verified Access has authenticated the request.”

After Verified Access authenticates the user successfully and permits the request, it sends the user claims received from the identity trust provider to the application endpoint. Verified Access signs the user’s claim so that applications can verify the user’s identity and sends an HTTP header (x-amzn-ava-user-context) to the application endpoints in the format of a signed JSON Web Token (JWT). These claims are received by either the organization’s OIDC provider or the AWS Identity Access and Management (IAM) Identity Center.

Read the company’s blog to learn more about migrating applications to Verified Access and common use cases.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: AWS, Cybersecurity, Verified Access, Zero Trust

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.