DEV Community

Play Button Pause Button
Andrew Brown 🇨🇦 for ExamPro

Posted on • Updated on

AWS White Paper Walkthrough - Security Overview of AWS Lambda March 2019

This AWS White Paper was just announced a few days ago by Jeff Bar and its on the Security of AWS Lambda. I don't know about you but I find it quite the chore to read through white papers so I made a video extracting out the important information while also contextualizing with examples.

If you want to see any specific AWS White Papers receive the treatment of a video walkthrough comment on down below.

Top comments (2)

Collapse
 
bestwifirouter profile image
Best Wireless Router

which is better digital ocean or aws for wordpress

Site:bestwifirouterguide.com/

Collapse
 
andrewbrown profile image
Andrew Brown 🇨🇦 • Edited

The Instance

When you create an instance you can provision it yourself by following an online tutorial to install wordpress or you can choose from the marketplace (eg. AWS Marketplace or Digital Ocean Marketplace) an instance that already has Wordpress installed. I always suggest that later because these companies specialize in to ensure the server is hardened and avoids common exploits related to Wordpress.

So here you can see in the AWS Marketplace that have 121 vendors that offer Wordpress which can be free or cost a monthly subscription for them to keep the instance up to date.

So by paying $10 USD extra per month, you can get a very secure regularly maintained Machine Image.

AWS has more options and better vendors, and on AWS you can get started with the free tier.

WAF

Another thing you want to consider is a Web Application Firewall (WAF) which can filter out bad traffic. If you have a website it's making serious money you should have a WAF. Many times WAFs are bundled with CDNs and DDoS mitigation.

As far as I know, Digital Ocean only has a Network Firewall as a managed service and not a WAF. WAFs are more much more intelligent over Network Firewalls. You can't use AWS WAF with Digital Ocean because AWS WAF only works with two AWS services CloudFront and Application Load Balancer.

In the AWS WAF marketplace they already have managed rules you can purchase for a vendor something like 20 USD per month which will give you really good protection.

If you wanted to use a WAF with CloudFront you would need to use a third-party service such as Akamai.

If this a serious business and you need fine tune control of your security than AWS makes more sense. If this is a hobby project and you don't want to think too much about dev-ops Digital Ocean is straight forward and easier to use.