AWS SECURITY OVERVIEW Anton Pogoryelyi DevOps TechLead @ Bazaarvoice
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
AWS SECURITY OVERVIEW
Anton PogoryelyiDevOps TechLead @ Bazaarvoice
AGENDA
• Security matters
• Shared security model
• AWS security features overview
• Security processes automation
SECURITY MATTERSFrom few $ to out of business stories
SHARED SECURITY MODELFor IaaS
SHARED SECURITY MODELFor PaaS
For SaaSSHARED SECURITY MODEL
KEY SECURITY FEATURES
VPCReduce your surface to protect
BASTIONProtect SSH/RDS access
with bastion host
SECURITY GROUPSMulti-tier architecture
IAMIAM Users/Groups/Roles
IAM TEMPORARY CREDENTIAL
SUsing IAM roles and temporary security credentials means you don't always have to manage long-term credentials and IAM users for each entity that requires access to a resource.
SECURITY PROCESS
AUTOMATION• bastion configuration• IAM access• mandatory tags• cost alerts• repository checks
OUR BEAVERS
ARMY• Conformity Beaver –
resource tagging check• Janitor Beaver – unused
resources check• Security Beaver – security
best practices check• Miserly Beaver – cost
anomalies check
THANK YOUQuestions?
Related Documents
![[AWS Summit 2012] ソリューションセッション#4 AWS: Overview of Security Processes](https://static.cupdf.com/doc/110x72/558d2582d8b42a21638b45d7/aws-summit-2012-4-aws-overview-of-security-processes.jpg)
