Securing your AWS infrastructure can be achieved by combining a set of native and non-native AWS services.
AWS Security Components
- IAM - Identity and Access Management
- Detection
- Network and Application Protection
- Data Protection
- Incident Response
- Compliance
IAM - IDENTITY AND ACCESS MANAGEMENT
AWS IAM - With IAM, you can manage permissions that control which AWS resources users can access. IAM provides the infrastructure necessary to control authentication and authorization for your AWS accounts.
Amazon Cognito - It is a user directory, an authentication server, and an authorization service for OAuth 2.0 access tokens and AWS credentials. With Amazon Cognito, you can authenticate and authorize users from the built-in user directory, from your enterprise directory, and from consumer identity providers like Google and Facebook.
AWS Directory Service - It provides multiple ways to use Microsoft Active Directory (AD) with other AWS services. AWS Directory Service provides multiple directory choices for customers who want to use existing Microsoft AD or Lightweight Directory Access Protocol (LDAP)–aware applications in the cloud.
DETECTION
Amazon GuardDuty - It is a threat detection service that continuously monitors, analyzes, and processes AWS data sources and logs in your AWS environment. It uses threat intelligence feeds, such as lists of malicious IP addresses and domains, file hashes, and machine learning (ML) models to identify suspicious and potentially malicious activity in your AWS environment.
Amazon Inspector - It is a vulnerability management service that automatically discovers workloads and continually scans them for software vulnerabilities and unintended network exposure. It discovers and scans Amazon EC2 instances, container images in Amazon ECR, and Lambda functions. When it detects a software vulnerability or unintended network exposure, it creates a finding, which is a detailed report about the issue.
Amazon CloudWatch - It monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time, and collects and tracks metrics, which are variables you can measure for your resources and applications.
AWS CloudTrail - It helps you enable operational and risk auditing, governance, and compliance of your AWS account. All actions taken by a user, role, or AWS service are recorded as events, including actions taken in the AWS Management Console, the AWS Command Line Interface, and the AWS SDKs and APIs.
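As an added example (not part of the original post), a small Python script that parses a constructed CloudTrail log file in the standard `{"Records": [...]}` layout and flags three event patterns a defender typically watches for: root account activity, console logins without MFA, and API calls that stop or alter the trail itself. The event field names are the standard CloudTrail ones; the sample events, user names and IP addresses are constructed.

```python
import json
from typing import Iterable

# Constructed CloudTrail log file (abbreviated records); not real log data.
SAMPLE_TRAIL_FILE = json.dumps({"Records": [
    {"eventName": "ConsoleLogin", "eventSource": "signin.amazonaws.com",
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "No"}, "sourceIPAddress": "198.51.100.7"},
    {"eventName": "StopLogging", "eventSource": "cloudtrail.amazonaws.com",
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "sourceIPAddress": "203.0.113.9"},
    {"eventName": "DescribeInstances", "eventSource": "ec2.amazonaws.com",
     "userIdentity": {"type": "Root"}, "sourceIPAddress": "203.0.113.9"},
    {"eventName": "GetObject", "eventSource": "s3.amazonaws.com",
     "userIdentity": {"type": "AssumedRole", "arn": "arn:aws:sts::123456789012:assumed-role/app/i-0abc"},
     "sourceIPAddress": "10.0.1.5"},
]})

# CloudTrail API calls that stop, delete or reconfigure the audit trail; these should
# be rare in normal operation and are worth an alert when they appear.
AUDIT_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail", "PutEventSelectors"}


def parse_trail_file(text: str) -> list[dict]:
    """Return the event records from a CloudTrail log file body."""
    return json.loads(text).get("Records", [])


def review_event(event: dict) -> list[str]:
    """Return the reasons (possibly none) why this single event deserves attention."""
    reasons = []
    identity = event.get("userIdentity", {})
    name = event.get("eventName", "")
    if identity.get("type") == "Root":
        reasons.append("root account activity")
    # MFAUsed is only present on ConsoleLogin events; anything but "Yes" is a gap.
    if name == "ConsoleLogin" and event.get("additionalEventData", {}).get("MFAUsed") != "Yes":
        reasons.append("console login without MFA")
    if name in AUDIT_TAMPERING:
        reasons.append(f"audit tampering: {name}")
    return reasons


def review_trail(events: Iterable[dict]) -> list[dict]:
    """Run review_event over every record and keep only the ones that triggered."""
    alerts = []
    for ev in events:
        reasons = review_event(ev)
        if reasons:
            alerts.append({"eventName": ev.get("eventName"),
                           "sourceIPAddress": ev.get("sourceIPAddress"),
                           "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in review_trail(parse_trail_file(SAMPLE_TRAIL_FILE)):
        print(alert)
```

In practice the same logic runs over the gzipped files CloudTrail delivers to S3, or as a CloudWatch Logs metric filter, and the resulting alerts are what GuardDuty and Detective build on.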
NETWORK AND APPLICATION SECURITY
AWS Shield - It provides two levels of protection against DDoS attacks: AWS Shield Standard and AWS Shield Advanced. AWS Shield Advanced provides expanded DDoS attack protection for your Amazon EC2 instances, Elastic Load Balancing load balancers, Amazon CloudFront distributions, and Amazon Route 53 hosted zones.
AWS Network Firewall - It is a stateful, managed network firewall and intrusion detection and prevention service for the virtual private cloud (VPC) that you create in Amazon Virtual Private Cloud (Amazon VPC). You can filter traffic at the perimeter of your VPC, which includes filtering traffic going to and coming from an internet gateway, a NAT gateway, or over VPN or AWS Direct Connect.
AWS WAF (Web Application Firewall) - It is a web application firewall that lets you monitor web requests that are forwarded to Amazon CloudFront distributions or an Application Load Balancer.
DATA SECURITY
AWS Key Management Service - KMS - It is an AWS managed service that makes it easy for you to create and control the encryption keys that are used to encrypt your data. These keys are protected by FIPS 140-2 validated hardware security modules (HSMs) and never leave AWS KMS unencrypted.
AWS Secrets Manager - It helps you manage, retrieve, and rotate database credentials, application credentials, OAuth tokens, API keys, and other secrets throughout their lifecycles. Storing the credentials in Secrets Manager helps avoid possible compromise by anyone who can inspect your application or its components.
AWS Certificate Manager - It handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications.
INCIDENT RESPONSE
Amazon Detective - It helps you analyze, investigate, and quickly identify the root cause of security findings or suspicious activities. Detective automatically collects log data from your AWS resources. It then uses machine learning, statistical analysis, and graph theory to generate visualizations that help you to conduct faster and more efficient security investigations.
COMPLIANCE
AWS Artifact - It provides on-demand downloads of AWS security and compliance documents and also provides downloads of certifications from accreditation bodies that validate the implementation and operating effectiveness of AWS security controls. It helps you review, accept, and track the status of your agreements with AWS for your AWS account and for multiple AWS accounts in your organization.
AWS Audit Manager - It helps you continually audit your AWS usage to simplify risk and compliance with regulations and industry standards. It automates evidence collection so you can more easily assess whether your policies, procedures, and activities—also known as controls—are operating effectively.