Architecting for Security on AWS
Damian Igbe NetCom Learning www.netcomlearning.com | info@netcomlearning.com | (888) 563 8266
©1998-2018 NetCom Learning
Agenda
• Understanding AWS security architecture
• How to protect AWS credentials
• How to capture and analyze the logs
• How to protect network and host-level boundaries
AWS Shared Responsibility Model
AWS IAM Best Practices
● Lock Away Your AWS Account Root User Access Keys
● Create Individual IAM Users
● Use Groups to Assign Permissions to IAM Users
● Use AWS Defined Policies to Assign Permissions Whenever Possible
● Grant Least Privilege
● Use Access Levels to Review IAM Permissions
● Configure a Strong Password Policy for Your Users
● Enable MFA for Privileged Users
● Use Roles for Applications That Run on Amazon EC2 Instances
● Use Roles to Delegate Permissions
● Do Not Share Access Keys
● Rotate Credentials Regularly
● Remove Unnecessary Credentials
● Use Policy Conditions for Extra Security
● Monitor Activity in Your AWS Account
Cloud Visibility with AWS CloudTrail
CloudTrail Use Cases
• Security analysis
• Track changes to AWS resources
• Troubleshoot operational issues
• Compliance aid
Network and Host-Level Security
• VPC Security Considerations
• Security Groups
• Network ACLs (NACL)
Recorded Webinar Video
To watch the recorded webinar video for live demos, please access the link: https://goo.gl/4kiV9W
Recommended Courses
» Security Operations on AWS
» Architecting on AWS - Class scheduled on Dec 10
» Developing on AWS - Class scheduled on Dec 10
» AWS Technical Essentials - Class scheduled on Dec 14
» Systems Operations on AWS - Class scheduled on Dec 17
» Advanced Architecting on AWS - Class scheduled on Dec 17
» DevOps Engineering on AWS - Class scheduled on Jan 28

» Big Data for Enterprise: Managing Data and Values
» Top Reasons to Master Agile Scrum and its Benefits
» Clean Architecture: Patterns, Practices, and Principles
» CEH: Understanding Ethical Hacking
» SQL Server 2017: Application Development Best Practices
Promotions
The year 2018 is coming to an end, but learning is a continuous process. Build your own, your team's, or your department's skills with the best training courses of 2018-19. With a range of Cloud, Security, Networking, Data & AI, Design & Multimedia, Business Application, Application Development and Business Process training at limited-time prices, you can pick up in-demand skills while saving substantially on training costs.
THANK YOU !!!