Book Image

AWS: Security Best Practices on AWS

By : Albert Anthony
Book Image

AWS: Security Best Practices on AWS

By: Albert Anthony

Overview of this book

With organizations moving their workloads, applications, and infrastructure to the cloud at an unprecedented pace, security of all these resources has been a paradigm shift for all those who are responsible for security; experts, novices, and apprentices alike. This book focuses on using native AWS security features and managed AWS services to help you achieve continuous security. Starting with an introduction to Virtual Private Cloud (VPC) to secure your AWS VPC, you will quickly explore various components that make up VPC such as subnets, security groups, various gateways, and many more. You will also learn to protect data in the AWS platform for various AWS services by encrypting and decrypting data in AWS. You will also learn to secure web and mobile applications in AWS cloud. This book is ideal for all IT professionals, system administrators, security analysts, solution architects, and chief information security officers who are responsible for securing workloads in AWS for their organizations. This book is embedded with useful assessments that will help you revise the concepts you have learned in this book. This book is repurposed for this specific learning experience from material from Packt's Mastering AWS Security, written by Albert Anthony.
Table of Contents (9 chapters)

AWS Shield


AWS Shield is a managed Distributed Denial of Service (DDoS) protection service. It detects and automatically mitigates attacks that could potentially result in downtime for your application and might also increase latency for your applications running on EC2 instances.

A DDoS attack results in increased traffic for your EC2 instances, Elastic Load Balancer, Route 53, or CloudFront. As a result, these services would need to scale up resources to cope with the increased traffic. A DDoS attack usually happens when multiple systems are compromised or infected with a Trojan flooding a target system with an intention to deny a service to intended users by generating traffic and shutting down a resource so it cannot serve more requests.

AWS Shield has two tiers: Standard and Advanced. All protection under the AWS Shield Standard option is available to all AWS customers by default, without any additional charge. The AWS Shield Advanced option is available to customers with business and...