Summary
In this chapter, we applied the least privilege principle at different level. In the IAM section, you learned how to lock in your root account and pass control to IAM users, by configuring a password policy and setting up permissions and groups. Enabling CloudTrail, we tracked and monitored every action performed on our infrastructure by an IAM user or by a service, in our environment. With VPC Flow Logs, we observed a powerful network monitor applicable at any point of our VPC, and we also created our prerequisites using Terraform, a wonderful tool for growing our practice. . We also covered the concept of the Terraform module. In the VPC subnets section, we looked at the three kinds of subnet that we can use in our AWS cloud, and where to place the different kinds of resources available in our infrastructure, exposing it to the internet as little as possible and keeping as much as possible in private zones.
While discussing the WAF service, we explored one of the most powerful...