Book Image

AWS: Security Best Practices on AWS

By : Albert Anthony
Book Image

AWS: Security Best Practices on AWS

By: Albert Anthony

Overview of this book

With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, security of all these resources has been a paradigm shift for all those who are responsible for security; experts, novices, and apprentices alike. This book focuses on using native AWS security features and managed AWS services to help you achieve continuous security. Starting with an introduction to Virtual Private Cloud (VPC) to secure your AWS VPC, you will quickly explore various components that make up VPC such as subnets, security groups, various gateways, and many more. You will also learn to protect data in the AWS platform for various AWS services by encrypting and decrypting data in AWS. You will also learn to secure web and mobile applications in AWS cloud. This book is ideal for all IT professionals, system administrators, security analysts, solution architects, and chief information security officers who are responsible for securing workloads in AWS for their organizations. This book is embedded with useful assessments that will help you revise the concepts you have learned in this book. This book is repurposed for this specific learning experience from material from Packt's Mastering AWS Security, written by Albert Anthony.
Table of Contents (9 chapters)

Introduction


In this lesson, we will deep dive into the security of AWS VPC. VPC is the most important component of networking services in AWS. Networking services are one of the foundation services on the AWS cloud. A secure network is imperative to ensure security in AWS for your resources.

We will look at components that make up VPC, such as subnets, security groups, various gateways, and so on. We will take a deep dive into the AWS VPC features and benefits such as simplicity, security, multiple connectivity options, and so on.

We will look at the following most popular use cases of VPC that use various security and connectivity features of VPC:

  • Hosting a public-facing website

  • Hosting multi-tier web applications

  • Creating branch office and business unit networks

  • Hosting web applications in AWS cloud that are connected with your data center

  • Extending corporate network on the cloud

  • Disaster recovery

AWS provides multiple measures to secure resources in VPC and monitor activities in VPC, such as security groups, network access control list (ACL), and VPC flow logs. We will dive deep into each of these measures.

Next, we'll walk through the process of creating a VPC. You can either choose to create a VPC through the wizard, through the console, or through the CLI.

Furthermore, we'll go through the following VPC connectivity options along with VPC limits in detail:

  • Network to AWS VPC

  • AWS VPC to AWS VPC

  • Internal user to AWS VPC

We'll wrap up this lesson with VPC best practices.

Throughout this lesson, we'll take a look at AWS architecture diagrams for various use cases, connectivity options, and features. The objective of this lesson is to familiarize you with AWS VPC and let you know about ways to secure your VPC.