3

Security

User permissions and access

AWS IAM (Identity and Access Management)

  • You can create user within IAM

  • Bydefault it has no permissions

  • Admin has to explicitly give permission

  • Admin can give permissions to user using IAM Policy

  • IAM Groups - is collection of users

  • Roles: has associated permissions

    • Can allow or deny

    • Assumed for temporary amounts of time

    • No username or password

    • It act as an idenity, access to temporary permissions

    • You can assign role to users, AWS resources, external identities, applications, other aws services

    • IAM roles are ideal for situations in which access to services or resources needs to be granted temporarily, instead of long-term.

    • When user switches role, all its previous permissions are revoked

AWS Organizations

  • Centralized management

  • Consolidated billing

  • Hierrachical groupings of accounts

  • AWS service and API actions access control

  • Service control policies (SCPs): which allows you to specify maximum permissions allowed on member account within an OU(organization unit)

  • SCPs enable you to place restrictions on the AWS services, resources, and individual API actions that users and roles in each account can access.

  • You are configuring service control policies (SCPs) in AWS Organizations. Which identities and resources can SCPs be applied to? (Select TWO.)

    • An individual member account

    • An organizational unit (OU)

AWS Artifact

  • is a service that provides on-demand access to AWS security and compliance reports and select online agreements.

  • AWS Artifact consists of two main sections: AWS Artifact Agreements and AWS Artifact Reports.

The Customer Compliance Center

  • contains resources to help you learn more about AWS compliance.

DDoS

  • UDP Flood - sends lots of data on your server (Security Groups can block such request based on allowed protocol)

  • Slowloris attack - takes lot of time with each request (ELB - first w8s for complete request before sending to your server. ELB is at region level)

  • AWS Shield with AWS WAF: uses web application firewall, to filter incoming traffic from bad actors.

    • is a web application firewall that lets you monitor network requests that come into your web applications.

    • Two level of protection: Standard(default and free) and Advanced(paid)

AWS Inspector

  • lets you know if u deviate from any security best practises

AWS GaurdDuty

  • Looks into AWS Cloudtrail event

  • VPC flow logs

  • DNS logs

  • is a service that provides intelligent threat detection for your AWS infrastructure and resources. It identifies threats by continuously monitoring the network activity and account behavior within your AWS environment.

Advanced security

Security Hub

AWS Key Management Service (AWS KMS)

  • Enables you to perform encryption operations through the use of cryptographic keys. A cryptographic key is a random string of digits used for locking (encrypting) and unlocking (decrypting) data. You can use AWS KMS to create, manage, and use cryptographic keys. You can also control the use of keys across a wide range of services and in your applications.

Previous2Next4

Last updated