Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cloud Security Handbook
  • Table Of Contents Toc
Cloud Security Handbook

Cloud Security Handbook - Second Edition

By : Eyal Estrin
5 (2)
close
close
Cloud Security Handbook

Cloud Security Handbook

5 (2)
By: Eyal Estrin

Overview of this book

Securing cloud resources is no easy task—each provider has its unique set of tools, processes, and challenges, demanding specialized expertise. This book cuts through the complexity, delivering practical guidance on embedding security best practices across the core infrastructure components of AWS, Azure, and GCP. It equips information security professionals and cloud engineers with the skills to identify risks and implement robust security controls throughout the design, deployment, and maintenance of public cloud environments. Starting with the shared responsibility model, cloud service models, and deployment models, this book helps you get to grips with fundamental concepts such as compute, storage, networking, identity management, and encryption. You’ll then explore common threats and compliance requirements for cloud environments. As you progress, you'll implement security strategies across deployments ranging from small-scale environments to enterprise-grade production systems, including hybrid and multi-cloud setups. This edition expands on emerging topics like GenAI service security and DevSecOps, with hands-on examples leveraging built-in security features of AWS, Azure, and GCP. By the end of this book, you'll confidently secure any cloud environment with a comprehensive understanding of cloud security principles.
Table of Contents (24 chapters)
close
close
Lock Free Chapter
1
Part 1:Securing Infrastructure Cloud Services
10
Part 2: Deep Dive into IAM, Auditing, and Encryption
14
Part 3: Threat and Vendor Management
17
Part 4: Advanced Use of Cloud Services

Securing object storage

Each cloud provider has its own implementation of object storage, but at the end of the day, the basic idea is the same:

  • Files (or objects) are stored inside buckets (these are logical concepts such as directories or logical containers)
  • Access to files in object storage is either through HTTP(S), web command-line tools, or programmatically using SDKs

In the following diagram, we see how a virtual machine (VM) accesses object storage over the network:

Figure 5.1 – VM accessing object storage

Figure 5.1 – VM accessing object storage

Object storage is not meant to store operating systems or databases (please refer to the Securing block storage section).

General best practices for securing object storage

Regardless of the cloud provider you are using when using object storage, you should adopt the following best practices:

  • Use access control lists (ACLs) and identity and access management (IAM) to restrict access from the cloud environment...
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Cloud Security Handbook
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon