Cloud Security Automation

By : Prashant Priyam
Overview of this book

Security issues are still a major concern for all IT organizations. For many enterprises, the move to cloud computing has raised security concerns, but when applications are architected with a focus on security, cloud platforms can be made just as secure as on-premises platforms. Cloud instances can be kept secure by employing security automation that helps make your data meet your organization's security policy. This book starts with the basics of why cloud security is important and how automation can be the most effective way of controlling cloud security. You will then delve deeper into the AWS cloud environment and its security services by dealing with security functions such as Identity and Access Management, and will also learn how these services can be automated. Moving forward, you will come across aspects such as cloud storage and data security, automating cloud deployments, and so on. Then, you'll work with OpenStack security modules and learn how private cloud security functions can be automated for better time- and cost-effectiveness. Toward the end of the book, you will gain an understanding of the security compliance requirements for your cloud. By the end of this book, you will have hands-on experience of automating your cloud security and governance.
AWS DynamoDB


Amazon DynamoDB is a NoSQL database that is very fast and scalable. It gives your application very low latency at any scale. DynamoDB is a PaaS offering (available on AWS) that works as a document and key-value store. For very large volumes of requests, AWS offers the DynamoDB Accelerator (DAX) service to give you microsecond latency.

To secure DynamoDB, we use IAM extensively. Let's look at methods of securing DynamoDB.

Security in DynamoDB

We use IAM for authentication and access management for DynamoDB.

For signing in from the console, we define users that have sufficient privileges to access DynamoDB resources.

We use IAM roles and policies to access DynamoDB tables and perform read/write operations. When we use IAM roles, temporary tokens are created to authenticate and provide access to DynamoDB resources.

If we have applications running on EC2 instances, we can map IAM roles to those instances to grant them permission to access the DynamoDB resources.

When we define an IAM policy to grant permission on DynamoDB,...