Getting Started With AWS Security: @ianmmmm Ian Massingham - Technical Evangelist
AWS Security
Ian Massingham — Technical Evangelist
@IanMmmm
Getting Started with AWS Security
MPAA
• Shared Responsibility
– Let AWS do the heavy lifting
– Focus on what’s most valuable to your business
• AWS
– Facility operations
– Physical Security
– Physical Infrastructure
– Network Infrastructure
– Virtualisation Infrastructure
– Hardware lifecycle management
• Customer
– Choice of Guest OS
– Application Configuration Options
– Account Management flexibility
– Security Groups
– ACLs
– Identity Management
Shared Security Model: Infrastructure Services
Such as Amazon EC2, Amazon EBS, and Amazon VPC
Shared Security Model: Container Services
Such as Amazon RDS and Amazon EMR
Shared Security Model: Abstracted Services
Such as Amazon S3 and Amazon DynamoDB
AWS SECURITY FEATURES
SECURE ACCESS
API ENDPOINTS USE TLS
BUILT-IN FIREWALLS
YOU CONTROL ACCESS TO YOUR INSTANCES
ROLE-BASED ACCESS CONTROL
WITH FINE-GRAINED PERMISSIONS
MULTI-FACTOR AUTHENTICATION
BUILT IN
PRIVATE SUBNETS
WITHIN YOUR AWS VIRTUAL PRIVATE CLOUD
ENCRYPT YOUR DATA AT REST
USING AES 256 BIT ENCRYPTION KEYS
CLOUD HSM
A HIGHLY SECURE WAY TO STORE KEYS
DEDICATED CONNECTION
AN OPTION WITH AWS DIRECT CONNECT
SECURITY LOGS
AWS CLOUDTRAIL, AWS CONFIG & AMAZON CLOUDWATCH LOGS
TRUSTED ADVISOR
YOUR CUSTOMISED CLOUD EXPERT
VERIFYING OUR SECURITY
Compliance at AWS
AWS is Level 1 compliant under the Payment Card Industry (PCI) Data
Security Standard (DSS). Customers can run applications on our PCI-
compliant technology infrastructure for storing, processing, and
transmitting credit card information in the cloud.
aws.amazon.com/vpc
aws.amazon.com/kms
aws.amazon.com/config
aws.amazon.com/cloudtrail
aws.amazon.com/cloudhsm
aws.amazon.com/cloudwatch
aws.amazon.com/trustedadvisor
Follow us for more events & webinars