AWS places a strong emphasis on security, providing a robust foundation for building secure applications and workloads. However, it's essential to understand the 𝘀𝗵𝗮𝗿𝗲𝗱 𝗿𝗲𝘀𝗽𝗼𝗻𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆 𝗺𝗼𝗱𝗲𝗹:
𝗔𝗪𝗦 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆: Securing the underlying cloud infrastructure (hardware, virtualization, networking, etc.).
𝗬𝗼𝘂𝗿 𝗥𝗲𝘀𝗽𝗼𝗻𝘀𝗶𝗯𝗶𝗹𝗶𝘁𝘆: Securing the workloads running on the AWS infrastructure (operating systems, applications, data, etc.).
𝗞𝗲𝘆 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗙𝗲𝗮𝘁𝘂𝗿𝗲𝘀 𝗮𝗻𝗱 𝗦𝗲𝗿𝘃𝗶𝗰𝗲𝘀:
𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗮𝗻𝗱 𝗔𝗰𝗰𝗲𝘀𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 (𝗜𝗔𝗠): Centralized control of user access to AWS resources, Multi-factor authentication (MFA), Role-based access control (RBAC).
𝗢𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝘀: Consolidate and manage multiple AWS accounts under a single umbrella. Set permissions boundaries using Service Control Policies (SCPs) to prevent unauthorized access and actions.
𝗧𝗿𝘂𝘀𝘁𝗲𝗱 𝗔𝗱𝘃𝗶𝘀𝗼𝗿: Helps to optimize AWS environment by providing real-time recommendations across several key areas such as cost optimization, performance, security etc.
𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗚𝗿𝗼𝘂𝗽𝘀: Act as virtual firewalls for EC2 instances.
𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗔𝗰𝗰𝗲𝘀𝘀 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 𝗟𝗶𝘀𝘁𝘀 (𝗡𝗔𝗖𝗟𝘀): Control inbound and outbound traffic for subnets.
𝗪𝗔𝗙: Protects web applications from common web exploits.
𝗞𝗲𝘆 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 (𝗞𝗠𝗦): Manages and controls cryptographic keys.
𝗔𝗺𝗮𝘇𝗼𝗻 𝗜𝗻𝘀𝗽𝗲𝗰𝘁𝗼𝗿: Automatically assesses application vulnerabilities.
𝗖𝗹𝗼𝘂𝗱𝗧𝗿𝗮𝗶𝗹: Records AWS API calls for auditing and compliance.
𝗚𝘂𝗮𝗿𝗱𝗗𝘂𝘁𝘆: Threat detection service for malicious activity.
𝗖𝗼𝗻𝗳𝗶𝗴: Tracks configuration changes to AWS resources.
𝗦𝗵𝗶𝗲𝗹𝗱: Protects against DDoS attacks.
𝗖𝗲𝗿𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗲 𝗠𝗮𝗻𝗮𝗴𝗲𝗿: Manages SSL/TLS certificates.
𝗦𝗲𝗰𝗿𝗲𝘁𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗿: Helps to securely store and retrieve sensitive information such as database credentials, API keys, OAuth tokens, and other secrets.
𝗖𝗹𝗼𝘂𝗱𝗛𝗦𝗠: Provides hardware security modules (HSMs) for generating and storing cryptographic keys.
𝗔𝗪𝗦 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗛𝘂𝗯: It is a cloud security posture management (CSPM) service that performs security best practice checks, aggregates alerts, and enables automated remediation.
Top comments (0)