Mastering AWS Security

By: Albert Anthony

Overview of this book

Mastering AWS Security starts with a deep dive into the fundamentals of the shared security responsibility model. This book tells you how you can enable continuous security, continuous auditing, and continuous compliance by automating your security in AWS with the tools, services, and features it provides. Moving on, you will learn about access control in AWS for all resources. You will also learn about the security of your network, servers, data and applications in the AWS cloud using native AWS security services. By the end of this book, you will understand the complete AWS Security landscape, covering all aspects of end-to-end software and hardware security along with logging, auditing, and compliance of your entire IT environment in the AWS cloud. Lastly, the book will wrap up with AWS best practices for security.
Table of Contents (10 chapters)

AWS Trusted Advisor

AWS Trusted Advisor provides you with recommendations and real-time guidance on the following four areas to optimize your resources as per AWS best practices:

  • Cost optimization
  • Performance
  • Security
  • Fault tolerance

This service analyzes and checks your AWS environment in real time on an ongoing basis. It integrates with AWS IAM so you can control access to checks as well as to categories. The status of these checks is displayed in the AWS Trusted Advisor dashboard under the following color-coded scheme:

  • Red: Action recommended
  • Yellow: Investigation recommended
  • Green: No problem detected

For all checks where the color is red or yellow, this service will provide alert criteria, recommended actions, and investigations along with resource details, such as details of the security groups that allow unrestricted access for specific ports.
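The following is an added example, not code from the book: it pulls the red and yellow security checks, with their flagged resource details, through the two Trusted Advisor calls of the AWS Support API as exposed by boto3 (`describe_trusted_advisor_checks` and `describe_trusted_advisor_check_result`). The function name, the `StubSupport` class and all sample check IDs and resources are constructed so the block runs offline.

```python
# Added example: triage Trusted Advisor security checks by dashboard color.
# Support API status values mapped to the colors shown on the dashboard.
STATUS_TO_COLOR = {"error": "red", "warning": "yellow", "ok": "green"}

def triage_security_checks(support, language="en"):
    """Return red/yellow security checks with their unsuppressed flagged resources.
    `support` is a boto3 "support" client or any object with the same two calls."""
    findings = []
    for check in support.describe_trusted_advisor_checks(language=language)["checks"]:
        if check["category"] != "security":
            continue
        result = support.describe_trusted_advisor_check_result(
            checkId=check["id"], language=language)["result"]
        color = STATUS_TO_COLOR.get(result["status"], "unknown")
        if color not in ("red", "yellow"):
            continue
        # A flagged resource's metadata row is labelled by the check's header list.
        resources = [dict(zip(check["metadata"], r.get("metadata") or []))
                     for r in result.get("flaggedResources", [])
                     if not r.get("isSuppressed", False)]
        findings.append({"check": check["name"], "color": color, "resources": resources})
    # Red (action recommended) sorts ahead of yellow (investigation recommended).
    findings.sort(key=lambda f: (f["color"] != "red", f["check"]))
    return findings

class StubSupport:
    """Constructed responses (IDs, headers and resources are made up) for offline runs."""
    CHECKS = [
        {"id": "sg-ports", "name": "Security Groups - Specific Ports Unrestricted",
         "category": "security", "metadata": ["Region", "Security Group ID", "Ports"]},
        {"id": "mfa-root", "name": "MFA on Root Account", "category": "security", "metadata": []},
        {"id": "pw-policy", "name": "IAM Password Policy", "category": "security", "metadata": []},
        {"id": "idle-lb", "name": "Idle Load Balancers", "category": "cost_optimizing", "metadata": []},
    ]
    RESULTS = {
        "sg-ports": {"status": "warning", "flaggedResources": [
            {"isSuppressed": False, "metadata": ["us-east-1", "sg-0example1", "3389"]},
            {"isSuppressed": True, "metadata": ["us-east-1", "sg-0example2", "22"]}]},
        "mfa-root": {"status": "error", "flaggedResources": []},
        "pw-policy": {"status": "ok", "flaggedResources": []},
        "idle-lb": {"status": "error", "flaggedResources": []},
    }
    def describe_trusted_advisor_checks(self, language):
        return {"checks": self.CHECKS}
    def describe_trusted_advisor_check_result(self, checkId, language):
        return {"result": self.RESULTS[checkId]}

if __name__ == "__main__":
    for f in triage_security_checks(StubSupport()):
        print(f["color"].upper(), f["check"], f["resources"])
```

Against a real account, pass `boto3.client("support", region_name="us-east-1")` instead of the stub; the caller's IAM identity needs permission for both calls.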

By default, six core checks...