Submit Search
Upload
AWS Security Overview and Best Practices
•
33 likes
•
4,490 views
AI-enhanced title
Amazon Web Services
Follow
AWSome Day Online Conference 2019 - Module 3 AWS Security
Read less
Read more
Report
Share
Report
Share
1 of 35
Recommended
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Amazon Web Services
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Amazon Web Services
Building Mobile Apps with AWS Amplify
Building Mobile Apps with AWS Amplify
Amazon Web Services
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control Tower
Amazon Web Services
Introduction to Serverless
Introduction to Serverless
Amazon Web Services
Recommended
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Using AWS Control Tower to govern multi-account AWS environments at scale - G...
Amazon Web Services
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Module 1: Introduction to the AWS Cloud - AWSome Day Online Conference 2019
Amazon Web Services
Building Mobile Apps with AWS Amplify
Building Mobile Apps with AWS Amplify
Amazon Web Services
Deploy and Govern at Scale with AWS Control Tower
Deploy and Govern at Scale with AWS Control Tower
Amazon Web Services
Introduction to Serverless
Introduction to Serverless
Amazon Web Services
CI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day Israel
Amazon Web Services
Fundamentals of Cloud Computing & AWS
Fundamentals of Cloud Computing & AWS
Bhuvaneswari Subramani
Deep dive into AWS IAM
Deep dive into AWS IAM
Amazon Web Services
Fundamentals of AWS Security
Fundamentals of AWS Security
Amazon Web Services
AWS Control Tower
AWS Control Tower
CloudHesive
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Amazon Web Services
Intro to AWS: Security
Intro to AWS: Security
Amazon Web Services
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
Amazon Web Services
Building Event-driven Architectures with Amazon EventBridge
Building Event-driven Architectures with Amazon EventBridge
James Beswick
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Amazon Web Services
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
Amazon Web Services
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Amazon Web Services
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Amazon Web Services
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
Amazon Web Services
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
Amazon Web Services Korea
Setting Up a Landing Zone
Setting Up a Landing Zone
Amazon Web Services
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Amazon Web Services
Accelerating App Development with AWS Amplify
Accelerating App Development with AWS Amplify
Amazon Web Services
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Amazon Web Services
Identity and Access Management and Directory Services
Identity and Access Management and Directory Services
Amazon Web Services
More Related Content
What's hot
CI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day Israel
Amazon Web Services
Fundamentals of Cloud Computing & AWS
Fundamentals of Cloud Computing & AWS
Bhuvaneswari Subramani
Deep dive into AWS IAM
Deep dive into AWS IAM
Amazon Web Services
Fundamentals of AWS Security
Fundamentals of AWS Security
Amazon Web Services
AWS Control Tower
AWS Control Tower
CloudHesive
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Amazon Web Services
Intro to AWS: Security
Intro to AWS: Security
Amazon Web Services
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
Amazon Web Services
Building Event-driven Architectures with Amazon EventBridge
Building Event-driven Architectures with Amazon EventBridge
James Beswick
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Amazon Web Services
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
Amazon Web Services
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Amazon Web Services
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Amazon Web Services
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
Amazon Web Services
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
Amazon Web Services Korea
Setting Up a Landing Zone
Setting Up a Landing Zone
Amazon Web Services
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Amazon Web Services
Accelerating App Development with AWS Amplify
Accelerating App Development with AWS Amplify
Amazon Web Services
What's hot
(20)
CI/CD pipelines on AWS - Builders Day Israel
CI/CD pipelines on AWS - Builders Day Israel
Fundamentals of Cloud Computing & AWS
Fundamentals of Cloud Computing & AWS
Deep dive into AWS IAM
Deep dive into AWS IAM
Fundamentals of AWS Security
Fundamentals of AWS Security
AWS Control Tower
AWS Control Tower
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Designing security & governance via AWS Control Tower & Organizations - SEC30...
Intro to AWS: Security
Intro to AWS: Security
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
Building Event-driven Architectures with Amazon EventBridge
Building Event-driven Architectures with Amazon EventBridge
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
[NEW LAUNCH!] Introduction to AWS Global Accelerator (NET330) - AWS re:Invent...
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Webinar aws 101 a walk through the aws cloud- introduction to cloud computi...
Introduction to AWS Security
Introduction to AWS Security
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
Enterprise Governance: Build Your AWS Landing Zone (ENT351-R1) - AWS re:Inven...
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
AWS를 활용한 글로벌 오피스 업무 환경 구축하기 - 류한진, 이랜드시스템스 :: AWS Summit Seoul 2019
Setting Up a Landing Zone
Setting Up a Landing Zone
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Accelerating App Development with AWS Amplify
Accelerating App Development with AWS Amplify
Similar to AWS Security Overview and Best Practices
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Amazon Web Services
Identity and Access Management and Directory Services
Identity and Access Management and Directory Services
Amazon Web Services
AWS Identity Access Management
AWS Identity Access Management
Richard Harvey
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Amazon Web Services
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Amazon Web Services
Pitt Immersion Day Module 5 - security overview
Pitt Immersion Day Module 5 - security overview
EagleDream Technologies
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
Amazon Web Services
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Amazon Web Services
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...
Amazon Web Services
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
Amazon Web Services
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applications
Amazon Web Services
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
Amazon Web Services
HSBC and AWS Day - Security Identity and Access Management
HSBC and AWS Day - Security Identity and Access Management
Amazon Web Services
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
Amazon Web Services
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Amazon Web Services
Getting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practice
Amazon Web Services
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
Amazon Web Services
Deep dive - AWS security by design
Deep dive - AWS security by design
Richard Harvey
How AI is disrupting the world
How AI is disrupting the world
Amazon Web Services
Similar to AWS Security Overview and Best Practices
(20)
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Identity and Access Management and Directory Services
Identity and Access Management and Directory Services
AWS Identity Access Management
AWS Identity Access Management
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Pitt Immersion Day Module 5 - security overview
Pitt Immersion Day Module 5 - security overview
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
HSBC and AWS Day - Security Identity and Access Management
HSBC and AWS Day - Security Identity and Access Management
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Getting Started with AWS Security
Getting Started with AWS Security
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practice
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
Deep dive - AWS security by design
Deep dive - AWS security by design
How AI is disrupting the world
How AI is disrupting the world
More from Amazon Web Services
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Amazon Web Services
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Amazon Web Services
Open banking as a service
Open banking as a service
Amazon Web Services
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Amazon Web Services
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
Computer Vision con AWS
Computer Vision con AWS
Amazon Web Services
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
Tools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
Building a web application without servers
Building a web application without servers
Amazon Web Services
Fundraising Essentials
Fundraising Essentials
Amazon Web Services
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
More from Amazon Web Services
(20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Open banking as a service
Open banking as a service
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Computer Vision con AWS
Computer Vision con AWS
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Tools for building your MVP on AWS
Tools for building your MVP on AWS
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Building a web application without servers
Building a web application without servers
Fundraising Essentials
Fundraising Essentials
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
AWS Security Overview and Best Practices
1.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Module 3: Security Overview
2.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Topics • Introduction to AWS Security • The AWS Shared Responsibility Model • AWS Access Control and Management • AWS Security Resources and Features
3.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
4.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Introduction to AWS Security Security is of the utmost importance to AWS. • Approach to security • AWS environment controls • AWS offerings and features
5.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Keep Your Data Safe • Resilient infrastructure • High security • Strong safeguards
6.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Continual Improvement • Rapid innovation • Constantly evolving security services
7.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Pay For What You Need • Advanced security services • Address real-time emerging risks • Meeting needs at a lower operational cost
8.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Meet Compliance Requirements Governance-enabled features • Additional oversight • Security control • Central automation
9.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security Products and Features Tools • Access from AWS and partners • Use for monitoring and logging
10.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Network Security • Built-in firewalls • Encryption in transit • Private/dedicated connections • Distributed denial of service (DDoS) mitigation
11.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Inventory and Configuration Management • Deployment tools • Inventory and configuration tools • Template definition and management tools
12.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Data Encryption • Encryption capabilities • Key management options • AWS Key Management Service • Hardware-based cryptographic key storage options • AWS CloudHSM
13.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Access Control and Management • AWS Identity and Access Management (IAM) • AWS Multi-factor authentication (MFA) • Integration and federation with corporate directories • Amazon Cognito • AWS SSO
14.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Monitoring and Logging Tools and features to reduce your risk profile: • Deep visibility into API calls • Log aggregation and options • Alert notifications
15.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Marketplace • Qualified partners to market/sell software to AWS customers • Online software store that can run on AWS
16.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
17.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Shared Responsibility Model
18.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security of the Cloud Protection of the AWS global infrastructure is top priority Availability of third-party reports
19.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security of the Cloud • Amazon EC2 • Amazon EBS AWS Foundation Services Unmanaged services Managed Services • Amazon DynamoDB • Amazon RDS • Amazon Redshift • Amazon EMR • Amazon WorkSpaces
20.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security in the Cloud • What to store • Which AWS services • In what location • In what content format and structure • Who has access
21.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security in the Cloud • Customers retain control • Changes to model depend on services
22.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
23.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Control access to AWS resources • Authentication • Authorization Controls access to services such as: • Compute • Storage • Database • Application services
24.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Create users and groups Grant permissions User Group Permissions Role
25.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Functionality Manage • Users and their access • Roles and their permissions • Federate users and their permissions IAM Corp
26.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Account Root User Account root user has complete access to all AWS Services.
27.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Account Root User Recommendations 1. Delete root user access keys. 2. Create an IAM user. 3. Grant administrator access. 4. Use IAM credentials to interact with AWS. IAM
28.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Authentication Programmatic access • Enables access key ID and secret access key Management console access • Uses AWS account name and password • MFA prompts for code
29.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Authorization Access AWS services • Grant authorization Assign permissions • Create an AWS IAM policy
30.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Policy Assignment IAM User IAM Policy IAM Group IAM Roles
31.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Let’s take a look at the AWS IAM DEMO
32.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM DEMO
33.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. IAM Best Practices • Delete AWS root account access keys • Activate multi-factor authentication (MFA) • Give IAM users only the permissions they must have • Use IAM groups • Apply an IAM password policy
34.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. IAM Best Practices • Roles • Use roles for applications • Use roles instead of sharing credentials • Credentials • Rotate credentials regularly • Remove unnecessary users and credentials • Use policy conditions for extra security • Monitor activity in your AWS account
35.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.