Forem: Gbemisola Esho

Harnessing Google’s AI for a Sustainable Future: From Data to Action

Gbemisola Esho — Sat, 14 Feb 2026 03:44:13 +0000

The intersection of technology and environmental stewardship is no longer a futuristic concept, it is a present-day necessity. As a GDE and investigative researcher, I have always looked for tools that bridge the gap between complex data and actionable policy.

The Yale GDG on Campus series provided a deep dive into a powerful ecosystem that allows us to monitor, model, and communicate environmental challenges with unprecedented precision.

The Sustainability Trinity: Earth Engine, Vertex AI, Gemini and more
To achieve true environmental accountability, we need a workflow that moves from observation to intelligence.

Google Earth Engine

: Our Planetary Dashboard
Earth Engine serves as the ultimate tool for environmental OSINT (Open Source Intelligence). It allows us to monitor the “Right to a Healthy Environment” by analyzing decades of satellite imagery. Whether we are tracking deforestation in the Sahel or urban heat islands in Lagos, Earth Engine provides the empirical evidence needed to verify corporate sustainability claims and fight “greenwashing.”

Vertex AI

: Engineering the Solutions
While Earth Engine gives us the data, Vertex AI allows us to build the solutions. As a Professional Security Engineer, I see Vertex AI as the bedrock for training custom machine learning models that can predict energy consumption or simulate climate risks. It allows us to create inclusive tools that are “secure by design,” ensuring that climate data remains protected while being accessible for impactful decision-making.

Gemini

: The Bridge to Human Understanding
The greatest barrier to climate action is often the complexity of the data. Gemini changes this by acting as a multimodal translator with advanced reasoning. I can explore how Gemini can take complex geospatial reports and localize them into languages like Yoruba, Hausa, or Igbo — making climate literacy a reality for everyone.

©Nadia B Ahmad

Google Maps

: The Interface for Real-World Action
Google Maps has evolved from a navigation tool into a “digital powerhouse” for environmental awareness and city planning.

Project Green Light: Uses AI and Google Maps driving trends to model traffic patterns and optimize traffic lights. This can reduce stops at intersections by up to 30% and emissions by over 10%.
Fuel-Efficient Routing: Suggests routes that take a similar amount of time but have fewer hills and less traffic, which enabled an estimated 2.7 million metric tons of GHG emissions reductions in 2024 alone.
Environment APIs: New tools like the Solar API (mapping solar potential for 320 million+ buildings) and the Air Quality API (tracking pollutants in 100+ countries) empower businesses and citizens to make healthier, greener choices.

Google Colab

: The Scientific Engine for Analysis
Google Colab is a zero-configuration, cloud-based platform that allows you to write and execute Python code directly in your browser, with free access to powerful GPUs and TPUs.

Geospatial Processing: Colab integrates seamlessly with Google Earth Engine and BigQuery, allowing researchers to process petabytes of satellite imagery without needing local high-end hardware.
AI Model Training: It is used extensively to develop and train machine learning models for sustainability, such as predicting deforestation risk or mapping species distributions.
Interactive Storytelling: Researchers use Colab to create interactive notebooks that combine live code with visualizations (like heatmaps of urban heat islands), making it an ideal tool for investigative journalists to “ground” their environmental reports in reproducible data.

The Portfolio Challenge by Google AI

Gbemisola Esho — Sat, 07 Feb 2026 13:00:49 +0000

This is a submission for the [New Year, New You Portfolio Challenge Presented by Google AI] Not really!(https://dev.to/challenges/new-year-new-you-google-ai-2025-12-31)
The Portfolio Challenge has come and gone but I still have this write up which well, I forgot to submit.
I followed the format for submission, I hope you enjoy it and learn from it.
Happy reading!

About Me

Gbemisola Esho is a multidisciplinary technology leader operating at the critical intersection of cloud security, artificial intelligence, and digital inclusion. With a career that spans technical infrastructure and investigative journalism, she brings a dual perspective to the global dialogue on AI: how to build secure, scalable systems, and how to ensure they serve the public interest in emerging economies.

As a cybersecurity practitioner, Gbemisola specializes in securing cloud architectures against complex threats. She is a recognized voice in the developer ecosystem, recently speaking at DevFest Kigali 2025 at Carnegie Mellon University Africa on "Bot Management with Google Cloud Armor and reCAPTCHA."
She is the Founder and Lead of Connectobridge, an initiative dedicated to closing the digital skills gap for women, youth, and underrepresented communities. Through this platform, she champions AI literacy and online safety, aligning her advocacy with the United Nations Sustainable Development Goals. As a journalist trained in the Pulitzer AI Spotlight Reporting program, she also wields the investigative skills to interrogate AI systems for bias, transparency, and accountability, challenging hype-driven narratives with evidence-based reporting.

Portfolio

This is the link to my portfolio with some projects and deployed on Cloud Run
{https://gbemisolaportfolio-627390562920.us-west1.run.app/}

How I Built It

Gbemisola's Portfolio: Creation & Deployment Process

Technical Stack & Development Frontend Architecture: Built using React 19 with TypeScript for type safety. The UI is crafted with Tailwind CSS, utilizing a "glassmorphism" aesthetic to reflect a modern, high-tech security vibe.

AI Integration: The "Resume Agent" uses the Gemini 3 Flash model. It's configured with a specific system instruction that defines your professional persona, project history, and technical expertise.

Security Features: The app implements a secure API key management flow. It uses the window.aistudio interface to let users provide their own keys, ensuring no sensitive credentials are hardcoded or stored on the server.

Containerization (Docker) To ensure the app runs identically in any environment, we use Docker. Base Image: A lightweight Nginx Alpine image.

Configuration: The Dockerfile copies the static assets (HTML, TSX, CSS) and configures Nginx to serve them. Crucially, it includes a template for nginx.conf that listens on the $PORT environment variable, which is a requirement for Google Cloud Run.

Automated CI/CD (Google Cloud Build) The deployment is fully automated using a cloudbuild.yaml pipeline: Step 1 (Build): When you push code, Cloud Build triggers a docker build, tagging the image with the specific Git commit SHA for version control.

Step 2 (Push): The built image is pushed to Google Container Registry (GCR).

Step 3 (Deploy): Cloud Build tells Google Cloud Run to pull the new image and update the service.

Serverless Hosting (Google Cloud Run) We chose Cloud Run for deployment because:

Zero-Scale: It scales to zero instances when there's no traffic, making it practically free for a personal portfolio.

Concurrency: It can handle multiple simultaneous requests efficiently.

Security: It provides an isolated, managed environment with automatic HTTPS and built-in protection against common infrastructure threats.

What I'm Most Proud Of
The Evolution from Static to Intelligent:
Most portfolios are digital paper. With Google AI studio I built a living technical agent integrating Gemini 3 Flash, I demonstrated how Generative AI can be used not just for "chat," but as a professional proxy that understands context, projects, and your professional persona.

Architectural Sophistication (Cloud-Native):
This isn't just hosted on a simple web provider, It is a production-grade pipeline that uses:
Dockerization for immutable deployments.
Google Cloud Run for serverless, cost-effective scaling.
Cloud Build CI/CD for automated security-focused delivery

NB:Most of what is in the portfolio is true but the actual projects disguised.

The Portfolio challenge was used to demonstrate the power of Gemini, AI Studio and Cloud Run Google technologies demonstrating how these technologies can make your projects come alive.

From Zero to Global: A Complete AI Video Workflow Using Google Cloud & Gemini

Gbemisola Esho — Sun, 18 Jan 2026 08:58:08 +0000

Content is king, but context is queen. In a country as diverse as Nigeria, creating digital content is only half the battle. The real challenge and opportunity lies in making that content accessible to everyone, whether they speak Yoruba, Hausa, or Igbo.

I recently explored the power of Google Vertex AI Studio to create a short film. I used cutting-edge tools like Google Veo and Imagen (via the “Nano Banana” MCP server) to generate stunning visuals. But I didn’t want to stop at just great visuals. I wanted to ensure the message could resonate across Nigeria’s linguistic landscape.

                Vertex AI Studio

Here is the step-by-step technical workflow I discovered for localizing AI-generated video content using the Google Cloud ecosystem.
The Visual Foundation
First, the video itself was created using Vertex AI Studio. By leveraging generative video models like Veo, I was able to turn text prompts into high-quality video clips. This formed the visual base of the project.

Creating viuals and films in Google Flow

But to take this video from a silent clip to a localized story, I needed a suite of Google Cloud APIs. Here is the architecture for localization.

Prompting in Vertex AI Studio

Step 1: Transcription (The Ear)
Tool: Google Cloud Speech-to-Text API
If your source video already has English audio (or any other language), the first step is extraction. You cannot translate what you haven't captured.
The Speech-to-Text API listens to the audio track of the video and converts spoken words into a text transcript. It's highly accurate and serves as the foundation for the rest of the pipeline.

Step 2: Translation (The Brain)
Tool: Google Cloud Translation API
Once I had the raw text, the next step was bridging the culture gap. I used the Cloud Translation API to convert the English transcript into Nigeria's major languages: Yoruba, Hausa, and Igbo.

Google has been actively expanding support for African languages, meaning the translations are becoming increasingly nuanced, handling idioms and context better than ever before.

Step 3: Vocalization (The Voice)
Tool: Google Cloud Text-to-Speech API
This is where the magic happens. Reading subtitles is great, but hearing a message in your mother tongue is powerful.
Using the Text-to-Speech API, I converted the translated Yoruba, Hausa, and Igbo scripts back into audio. This service synthesizes lifelike, neural speech. Instead of a robotic monotone, you get a voice-over that feels natural and engaging, which can then be synced back to the original video.
Step 4: Subtitling (The Eyes)
Tool: Google Cloud Transcoder API
For accessibility (and for those watching on mute), subtitles are non-negotiable.

Using the same translated text from Step 2, the Transcoder API allows you to burn captions directly into the video file or generate sidecar files (like .SRT). This ensures that even if the audio isn't played, the message is readable in the user's local language.
Why This Matters for African Tech
While Vertex AI handles the heavy lifting of creative generation (building the world, the characters, and the movement), these specialized APIs are the bridge to the user.
For independent media houses, creators, and developers in Africa, this stack represents a massive opportunity. We can now build:
Educational content that scales to every region.
News broadcasts that automatically generate local versions.
Entertainment that feels homegrown, regardless of where it was produced.
The tools are there. It is up to us to build the pipelines.

Did you find this workflow helpful? Follow me for more insights on building with Google Cloud and Vertex AI.

GoogleCloud #VertexAI #GenAI #Localization #AfricanTech

Cyber resilience in applications on AWS-Using AWS Security Hub.

Gbemisola Esho — Sat, 30 Dec 2023 14:59:38 +0000

With the rise of digital, the interconnectivity of the world is unquestionable and cyberspace is the world that was born, making the saying “The world is now a village” My words are “The world is now an interconnected village”.

As we are in the era of “digital everything” the need for cyber resilience has increased, paving the way to sustainable development and growth in the cybersecurity landscape.

A synergy between public and private sector stakeholders will help to find solutions. The late UN scribe Mr Kofi Annan said “There is no development with security and no security without development”

Solutions to problems of increase in cybertheft and data breaches lead only to the place of capacity building so cyber professionals are well equipped to identify, contain, and stop attacks that occur in cyberspace.

What is Cyber resilience?
This is the ability of an organisation to prevent withstand and recover from cyber-attacks.

Cyber resilience goes beyond preventing cyber attacks and has a proactive approach to cybersecurity. It anticipates that it still needs to detect and respond with minimal damage occurring as it recovers from attacks.

Components of Cyber resilience
Risk Assessment: It is important to take stock of the assets of your organisation, their value, and the potential vulnerability to know the cyber threat severity and impact

Prevention: Best security practices will be without fail help with prevention some examples include setting up firewalls, anti-virus, and security awareness training.

Detection: Intrusion detection systems, security information, event management systems, and monitoring tools should be addressed.

Response: A well-defined and drafted plan should always be in place and ready to be activated.

Recovery: The ability of an organisation to recover from a breach or an attack and return to normalcy as quickly as possible is very important to be resilient.

Adaptability: The ability to adjust to the fast pace of cyberspace and changing threats

Ensuring your applications are cyber-resilient is a continuous process you achieve this by ensuring best practices are followed and the right security posture.

Security Posture in Cyber Resilience

The security posture of an organisation is the organisation's overall cyber security readiness.
In AWS cloud security posture is managed by the AWS Security Hub

What is the AWS Security Hub?
The AWS security hub is an AWS resource that has the following function

Automates Security best practices: Security best practices in AWS are linked to a Well-Architected Framework which helps in making decisions on how to deploy our workload bearing in mind the need for secure deployments in the Cloud.
Aggregate security alerts into a single place and format
Helps in understanding your overall security posture across all of your AWS accounts.

Security Best Practises in AWS

The security pillar in the Well-Architected Framework emphasizes the advantage of cloud technologies by describing how to protect data, systems, and assets in a way that can improve your security posture.

There are several principles associated with this like
Implement a strong identity foundation: This requires implementing the principle of least privilege and enforcing separation of duties with appropriate authorization for each interaction with your AWS resources.

Maintain traceability: Logging and monitoring are key factors in maintaining traceability. The need for alerts and audits is critical as well.

Apply security at all layers: Defense-in-depth approach is applied with multiple security controls. Applied to all layers from networking, load balancing, operating systems, and application layers.

Automate security best practices: To securely scale more rapidly and cost-effectively, using automated software-based security mechanisms enhances your ability.

Protect data in transit and at rest: Encryption and classification of data into sensitivity levels is a best practice as well as the use of tokenization, and access control as well.

Data Restriction and Control: Reduce or eliminate the need for direct access or manual processing of data. This reduces the risk of mishandling or modification and human error when handling sensitive data.

_Security events readiness: Incident readiness is a priority with the robust incident management and investigation policy and processes that align with your organizational requirements.

The security Hub centrally manages security alerts

How it works

The security Hub Centre is a central security tool that is used to manage the security across several AWS accounts and automate security checks.

It has an integrated dashboard that displays the security and compliance status that helps in decision-making and taking action.

The AWS Security Hub aggregates alerts across different services like AWS Config, AWS GuardDuty, AWS Macie, IAM Aces Analyzer, AWS Systems Manager, AWS Firewall, AWS Health

AWS Config service is enabled for the Security Hub to work, looking at the diagram we can see that the Security Hub can cover multiple accounts at a time taking the findings from the AWS services mentioned finding out the potential issues and findings, and visualizing it on the dashboard.

EventBridge generates an event and Amazon Dectective investigates the source of the threat.

And finally, to investigate the source of these issues you can use Amazon Detective.

To know more about AWS Security Hub like this link

Introduction to Cloud I AM:Can I come in? Access Control in Google Cloud

Gbemisola Esho — Tue, 22 Aug 2023 01:28:04 +0000

In Google Cloud resources are arranged in a hierarchy with the organisation as the root node.To be able to access resources in Google Cloud you need identity access management in short called I AM.
Cloud I AM is how you decide who can do what in Google Cloud resources.To navigate this Google Cloud provides policies, identities and roles.
Lets get back to the hierarchy,every workload deployed in Google Cloud are organised as projects.The hierarchy flows from the organisation which is the root node to the folder and then the projects.

With I AM you manage "who" that is the identity does "what" access the role to which resource..
The organisation, folder and projects are used to organize your resources.
I AM ensures that the resources are accessed by those authenticated to do so and not by all users, for a user to gain access you need to have a role.Authenticated users/members are called Principals
An I AM policy also called an "allow policy" defines what role or roles are given to the principals and enforce them as well.
The I AM policies are attached to resources, if there are any attempts to access this resource, the policy will check if the user/principal is allowed to do so.
This is called Authorization.

Authentication vs Authorization
Authentication verifies "who" it proves who you say you are ,a principal, while authorization determines "what" you have access to, that is to say you can do what you want to do the "who" (authenticated) the "what"(role).
Authentication offers a general scope in security of your resources at a granular level whereas authentication is more fine-grained.

Credentials
Credentials are digital objects that provide prove of authentication that you are really who you say you are.
Examples of credentials include passwords,pins, and biometric data,a great example of this is logging into an email account with a password, and in trying to secure your account,you could protect it with a two-factor authentication in short 2FA.

AWS and Cyber Insurance

Gbemisola Esho — Fri, 23 Jun 2023 09:10:18 +0000

Data breaches have been on the rise, this is because data is the new currency. The growth and the spread of the internet in establishing "digital "have moved most businesses online this development has changed how data is managed.
AWS have a number of services and tools ensuring security in the cloud to make sure that the triple A of any basic security infrastructure is preserved that is Authentication, authorization and accounting framework is in place.

Triple A

Bearing that in mind, AWS help customers harden their infrastructure preventing cyber incidences by mitigating threats and compromises through detection with Amazon Guard Duty

Amazon Guard Duty.

Amazon Guard Duty protects by using intelligent threat detection, continuously monitoring malicious behaviour in your aws account and workloads.
AWS have taken security a notch higher by launching AWS Cyber insurance programme helping to link AWS partners with cyber security insurance otherwise know as "cyber insurance" and is foremost in this thrust, AWS shows its commitment to securing everything in the cloud and well as helping its partners improve their security posture by getting insurance at the snap of the finger.
AWS through its partner networks lead by Ryan Orsi who at AWS re:inforce said" AWS focuses on all partners in the security landscape the whole spectrum from Professional Services to the large conglomerates in helping to make security easier
Ryan Orsi, the head of AWS worldwide head of cloud foundations for the AWS Partner Network describes this as "A defining moment for here at AWS and our partners" this was unveiled at AWS reinforce 2023.

The AWS Cyber Insurance programme offering helps to take the stress of a lot paperwork and processes minimizing time and days spent in getting a quote.
AWS Cyber insurance Programme gives the assurance of getting a quote in 2 days or less helping to keep insurance premium down and these are all hinged on AWS Security Hub.

Amazon Security Hub
Amazon Security Hub a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation.

The programme is open to all enterprises from small to giant and AWS channel partners can choose any insurance dealer that is a designate of the programme whether they individual insurers,brokers or insurance companies, as AWS helps in the facilitate the relationship between their partners and the insurance company.
The AWS partner network create programmes to help the customers understand the best practices in AWS environment and the experts who help out the partners have technical checklist to assist every customer.
To know more about the AWS Cyber Insurance Programme visit the AWS Partners Network

Culled from CRN

What is the AWS Builder Programme all about?

Gbemisola Esho — Tue, 10 Jan 2023 12:36:45 +0000

This is a programme that offers growth and networking opportunities to AWS enthusiasts .

Do you love teaching, writing and sharing about technology? The Builders programme is the right place for you.
You will have access to resources like human resource and materials to grow in your career and you would be part of an elite set of people privy to AWS products and services before they are launched in the public.

That's not all! You have access to AWS staff, Product Managers and AWS Heros!

Guess what? That's not all, you say impossible right?
You also get swags!!

What are you waiting for? Apply here

To know more about the programme visit this website

Deploying Wordpress on Aws Lightsail and enabling HTTPS.

Gbemisola Esho — Wed, 07 Dec 2022 20:33:01 +0000

Lightsail is a powerful virtual server and one of the easiest way to launch and deploy your web apps and websites.
This saves you from building a site from the scratch at the snap of your fingers because as developers time is critical.
You can deploy wordpress in Lightsailand authenticate with the following steps.
Log into the lightsail console and create an instance

Choose your prefered instance and image and blue print,select your instance location and your availability zone

Go on to choose the plan you want and can afford

Go ahead and create your wordpress blue print deployed on lightsail instance
The next step is to connect to you instance through the SSH so you can get the Wordpress password

It results to this SSH session where you run the
cat $HOME/bitnami_application_password

This retrieves the application password and you sign into wordpress by using the public IP address going to the browser using this url http://PublicIpAddress/wp-login.php replacing "PublicIpAddress" with the public address IP of the instance

You go ahead to sign in to your wordpress site.

There you are! signed into your administration dashboard of your wordpress website.

You need to attach a permanent IP address which is the static IP address because the public IP changes when you start and stop the instance then you connect the static IP to the instance.You find this under networking,name it then create.

Go ahead to create your DNS ZONE this is also found under networking to and map a domain to the lightsail instance.To deloy checkout the tutorial https://aws.amazon.com/getting-started/hands-on/launch-a-wordpress-website/

Websites security gains the trust of users and you can achieve this by enabling Hyper text Protocol Secure (HTTPS) on your WordPress site .The assurance of encrypted data transfer on the website is gives the assurance of security.
The Bitnami HTTPS configuration tool (bncert) is used enable HTTPS on your Certified by Bitnami WordPress instance on Amazon Lightsail.
The tool requests certificates only for the domains and subdomains that specified when making your requests
To enable the tool ,you will connect to the instance via SSH and it opens when you are successfully connected

Enter the following command to run the tool to ascertain it is installed
sudo /opt/bitnami/bncert-tool this is the output

If it informs about an updated version,accept download then re-run the command again.

It will proceed further asking you to enter your primary domain name and alternate domain names separated by a space as shown.It would also ask how you want your website to be redirected.

Answer with a yes and continue
This was the website before it was encrypted

When bcert tool enabled encryption

The website after http has been added

Build,Host and Authenticate your fullstack react app with AWS Amplify in minutes.

Gbemisola Esho — Sun, 04 Dec 2022 10:13:36 +0000

Building a fullstack react app now really easy, AWS amplify has enabled the building ,hosting and deploying your app.
It is a development resource that makes building fast on AWS
It creates a workflow from Git-hub using a continuous integration and deployment pipeline.
The resource builds,hosts basic and static websites with serverless backends.

The first step is to create the app by running the following commands in the command prompton in the terminal:

npx create-react-app amplifyapp
cd amplifyapp
npm start
For the commands to work, you must have nodejs on your machine then you run the scripts on your command prompt

Initialize github and create a new repo for the app and push application to new git repo by running this commands.
git remote add origin git@github.com:username/reponame.git
git branch -M main
git push -u origin main

Log into the management console search for Amplify

Under Amplify hosting, go to get started

Click Github repository then continue

Authenticate with Github and choose the newly created repo plus main branch and click next

Configure your build settings, save and deploy

Aws amplify goes ahead to build source code and deploys the app

There sits your fullstack app in minutes once the build completes

To automatically deploy code changes edit src/App.js , I prefer to it in Vscode

Here is my https://main.doukipuj2x592.amplifyapp.com/

Build,Host and Authenticate your fullstack react app with AWS Amplify in minutes 1.

Gbemisola Esho — Sun, 04 Dec 2022 09:12:34 +0000

The first step is to create the app by running the following commands in the command prompton in the terminal:

npx create-react-app amplifyapp
cd amplifyapp
npm start
For the commands to work, you must have nodejs on your machine then you run the scripts on your command prompt

Log into the management console search for Amplify

Under Amplify hosting, go to get started

Click Github repository then continue

Authenticate with Github and choose the newly created repo plus main branch and click next

Then you go right ahead to configure build setting, review

Amplify goes ahead to build source code

Your app is ready

You can then automatically deploy code changes from src/app.js in a text editor like Visual studio

Push to github and run the following command in the terminal

git add .
git commit -m “changes for v2”
git push origin main

When the build completes view your app in the Amplify console
https://main.doukipuj2x592.amplifyapp.com/

First step is get an AWS free-tier account here

What Machine Learning can do in an Outbreak Pt 1

Gbemisola Esho — Fri, 02 Sep 2022 15:08:39 +0000

The World around is constantly seeking for attention,often times we never pay attention till defining moments occur.
We live in critical times now,from disease outbreaks to public Health Emergency concerns,the need for decisive actions cannot be overemphasized.
Experts need to curtail this outbreaks with accurate data and speed to curb the spread and eventually get figures to drop as the health concerns die out.
Research and efficient service delivery is always prioritised as well as getting vaccines to curb the virus.
AWS Machine learning resources are there, to help you make sense of it all, starting from the data collected and keeping at pace with innovation.
AWS Service delivery pretty much covers it all,always conforming to the "Well Architected" framework delivering reliability, security, and data privacy also.
AWS machine learning has empowered healthcare providers and the stakeholders in the ecosystem to improve and accelerate, accelerating diagnosis while managing global health, enabling drug discovery, and using technology to update health infrastructure globally.
Amazon healthlake has acted as an aggregator,of diverse data collected in healthcare and making sense of it by analysis, organizing in with modern architecture and performs advanced analytics.
The actions of healthlake compound in helping with critical decisions made by health stakeholders in resource allocation and predictions made on patient health and mode of treatment.
Machine learning draws out important data to make decisions on advancing science,drug discovering and health management.

Healthlake flow of activity are as follows:

Import 2.Store 3.Transform 4.Query and Search 5.Analyze

For more information visit https://pages.awscloud.com/HealthContactSales.html?languages=english

Why you need AWS I AM Identity Centre.

Gbemisola Esho — Thu, 25 Aug 2022 11:05:00 +0000

AWS I AM identity centre

formerly known as AWS SSO is a centralized, one stop centre where access is managed for AWS accounts and application.
I AM which is Identity Access Management holds a pivotal place in cloud computing and in Aws resources because functionality of resources and architecture.
IAM basically provides authentication on a granular level resource by resource in the AWS environment. It gives flexibility and creativity on how you design ,tailor accessibility and permissions.
As interesting as this may sound, the limitation is that you have to grant permission to an account by account basis.
The Well Architected Framework was a way out of this otherwise cumbersome task in helping to build scalable designs.

AWS Single Sign-On (AWS SSO)

—is an expression of IAM, built on its structure to provide centralized access management to across AWS accounts. The need was further enforced by and through customers use and adoption of multi-account AWS environments made AWS decide to provide the service.

I AM identity center is free and it helps in simplifying access to the aws environment with multiple accounts.Although the AWS IAM center formerly known as AWS Single Sign on(AWS SSO) was used for multi -account

I AM IDENTITY CENTER helps you connect to your existing workforce directory, create users in one place to use across aws services.
The youtube video below explains more
https://youtu.be/4yJp5-jGGNk
I am identity center can do the following:

1.Enable multi-account access to your AWS accounts.
2.Enable single sign-on access to your AWS applications.
3.Enable single sign-on access to Amazon EC2 Windows instances.
4.Enable single sign-on access to cloud-based applications.