top of page
Search

Indonesian Mining Contractor Enhances IAM and Threat Detection on AWS

  • Writer: ICS Compute
    ICS Compute
  • Sep 8
  • 2 min read

Updated: Sep 30

Mining Contractor Company Enhances Access Security and Identity Management on AWS

About the Customer


An Indonesian mining contractor improved AWS security by centralizing identity with IAM Identity Center and CloudTrail, while enabling GuardDuty for real-time threat detection. The solution cut admin workload by 30% and delivered scalable, least-privilege access for employees and vendors.


Customer Challenge


Before modernization, the mining contractor struggled to manage identity and security across multiple AWS accounts.


Manual permission configuration was slow and error-prone, vendor accounts often had standing access without safeguards, and tracking user activities left compliance gaps.


At the same time, there was no centralized threat detection or automated response, leaving the company unable to quickly identify or react to anomalies.


These challenges highlighted the need for a centralized, secure, and auditable identity management system integrated with scalable threat detection and automated incident response.


Partner Solution


Working with PT Innovation Cloud Services (ICS Compute), an AWS Advanced Consulting Partner, the customer implemented a security and identity management solution leveraging AWS-native services:


  • AWS IAM Identity Center (SSO) served as a single login portal for both employees and external vendors, with role-based permission sets aligned to least-privilege principles. Automated provisioning and de-provisioning enabled just-in-time access for vendors, eliminating standing permissions.


  • AWS CloudTrail captured all login events, role assumptions, and API activity, providing complete audit trails to simplify compliance reporting and strengthen governance.

  • Integration with AWS Organizations allowed consistent role assignments across development, production, and log archive accounts, while creating a flexible framework to onboard new accounts and users as the business expanded its AWS adoption.

  • To strengthen Threat Detection & Response (TD&R), Amazon GuardDuty was enabled across all accounts and delegated to the centralized Audit Account. Findings were ingested through Amazon EventBridge, processed by AWS Lambda for enrichment or filtering, and then pushed to Amazon SNS for real-time notifications. This automated pipeline reduced response times, ensured high-priority alerts were immediately escalated to the security team, and provided a scalable mechanism to continuously monitor and respond to threats across the multi-account environment.

Results and Benefits


The implementation delivered significant operational and security improvements:

  • 30% reduction in administrative workload by removing manual permission management.

  • Faster and more secure onboarding/offboarding for employees and vendors through

  • automated role assignments and time-bound access.

  • Improved compliance assurance with comprehensive, centralized audit trails of all identity-related activities.

  • Reduced risk of unauthorized access by enforcing least-privilege and eliminating standing vendor accounts.

  • Enhanced threat detection and response by enabling Amazon GuardDuty across all

    accounts, centralizing findings, and automating response workflows, reducing incident response time from hours to minutes.


About the Partner


PT. Innovation Cloud Services (ICS Compute) is Indonesia’s first AWS Advanced Consulting Partner, specializing in secure cloud adoption, modernization, and managed services.


Recognized with AWS Competencies in Migration & Modernization, DevOps, Resilience, and Generative AI, ICS Compute helps enterprises transform operations with scalable, secure, and compliant AWS solutions.

bottom of page