Submit Search
Upload
AWS Security Overview and Best Practices
•
33 likes
•
4,490 views
AI-enhanced title
Amazon Web Services
Follow
AWSome Day Online Conference 2019 - Module 3 AWS Security
Read less
Read more
Report
Share
Report
Share
1 of 35
Recommended
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
Amazon Web Services
AWS Webcast - Introduction to EBS
AWS Webcast - Introduction to EBS
Amazon Web Services
Aws concepts-power-point-slides
Aws concepts-power-point-slides
Sushil Thapa
AWS 101
AWS 101
Amazon Web Services
Getting Started with AWS Compute Services
Getting Started with AWS Compute Services
Amazon Web Services
Introduction to Amazon EKS
Introduction to Amazon EKS
Amazon Web Services
Recommended
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
AWSome Day Online Conference 2019 - Module 5 AWS Pricing and Support.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
AWSome Day Online Conference 2019 - Module 2 AWS Core Services.pdf
Amazon Web Services
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
AWSome Day Online Conference 2019 - Module 1 AWS Cloud Concepts.pdf
Amazon Web Services
AWS Webcast - Introduction to EBS
AWS Webcast - Introduction to EBS
Amazon Web Services
Aws concepts-power-point-slides
Aws concepts-power-point-slides
Sushil Thapa
AWS 101
AWS 101
Amazon Web Services
Getting Started with AWS Compute Services
Getting Started with AWS Compute Services
Amazon Web Services
Introduction to Amazon EKS
Introduction to Amazon EKS
Amazon Web Services
AWSome Day Online 2020_Module 2: Getting started with the cloud
AWSome Day Online 2020_Module 2: Getting started with the cloud
Amazon Web Services
Intro to AWS: EC2 & Compute Services
Intro to AWS: EC2 & Compute Services
Amazon Web Services
Migrating to Amazon RDS with Database Migration Service
Migrating to Amazon RDS with Database Migration Service
Amazon Web Services
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
Amazon Web Services Japan
AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2)
zekeLabs Technologies
Kubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKS
Amazon Web Services
Setting Up a Landing Zone
Setting Up a Landing Zone
Amazon Web Services
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
AWS Control Tower
AWS Control Tower
CloudHesive
AWS for Backup and Recovery
AWS for Backup and Recovery
Amazon Web Services
AWS Technical Essentials Day
AWS Technical Essentials Day
Amazon Web Services
AWS Containers Day.pdf
AWS Containers Day.pdf
Amazon Web Services
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Amazon Web Services
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptx
SwathiPonugumati
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
Amazon Web Services
Introduction to Amazon Elastic File System (EFS)
Introduction to Amazon Elastic File System (EFS)
Amazon Web Services
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
Amazon Web Services
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
Amazon Web Services
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
Amazon Web Services Korea
AWSome Day 2016 - Module 1: AWS Introduction and History
AWSome Day 2016 - Module 1: AWS Introduction and History
Amazon Web Services
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Amazon Web Services
AWS Identity Access Management
AWS Identity Access Management
Richard Harvey
More Related Content
What's hot
AWSome Day Online 2020_Module 2: Getting started with the cloud
AWSome Day Online 2020_Module 2: Getting started with the cloud
Amazon Web Services
Intro to AWS: EC2 & Compute Services
Intro to AWS: EC2 & Compute Services
Amazon Web Services
Migrating to Amazon RDS with Database Migration Service
Migrating to Amazon RDS with Database Migration Service
Amazon Web Services
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
Amazon Web Services Japan
AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2)
zekeLabs Technologies
Kubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKS
Amazon Web Services
Setting Up a Landing Zone
Setting Up a Landing Zone
Amazon Web Services
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
Amazon Web Services
AWS Control Tower
AWS Control Tower
CloudHesive
AWS for Backup and Recovery
AWS for Backup and Recovery
Amazon Web Services
AWS Technical Essentials Day
AWS Technical Essentials Day
Amazon Web Services
AWS Containers Day.pdf
AWS Containers Day.pdf
Amazon Web Services
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Amazon Web Services
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptx
SwathiPonugumati
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
Amazon Web Services
Introduction to Amazon Elastic File System (EFS)
Introduction to Amazon Elastic File System (EFS)
Amazon Web Services
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
Amazon Web Services
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
Amazon Web Services
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
Amazon Web Services Korea
AWSome Day 2016 - Module 1: AWS Introduction and History
AWSome Day 2016 - Module 1: AWS Introduction and History
Amazon Web Services
What's hot
(20)
AWSome Day Online 2020_Module 2: Getting started with the cloud
AWSome Day Online 2020_Module 2: Getting started with the cloud
Intro to AWS: EC2 & Compute Services
Intro to AWS: EC2 & Compute Services
Migrating to Amazon RDS with Database Migration Service
Migrating to Amazon RDS with Database Migration Service
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
20190312 AWS Black Belt Online Seminar AWS Well-Architected Frameworkによるコスト最適化
AWS Elastic Compute Cloud (EC2)
AWS Elastic Compute Cloud (EC2)
Kubernetes on AWS with Amazon EKS
Kubernetes on AWS with Amazon EKS
Setting Up a Landing Zone
Setting Up a Landing Zone
Amazon EKS - Elastic Container Service for Kubernetes
Amazon EKS - Elastic Container Service for Kubernetes
AWS Control Tower
AWS Control Tower
AWS for Backup and Recovery
AWS for Backup and Recovery
AWS Technical Essentials Day
AWS Technical Essentials Day
AWS Containers Day.pdf
AWS Containers Day.pdf
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Amazon EC2 Instances, Featuring Performance Optimisation Best Practices
Introduction to AWS Lake Formation.pptx
Introduction to AWS Lake Formation.pptx
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
(DVO201) Scaling Your Web Applications with AWS Elastic Beanstalk
Introduction to Amazon Elastic File System (EFS)
Introduction to Amazon Elastic File System (EFS)
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
[REPEAT] Microsoft Active Directory Deep Dive (WIN303-R) - AWS re:Invent 2018
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
Best Practices for Securing an Amazon VPC (NET318) - AWS re:Invent 2018
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
AWS 6월 웨비나 | Amazon VPC Deep Dive (김상필 솔루션즈아키텍트)
AWSome Day 2016 - Module 1: AWS Introduction and History
AWSome Day 2016 - Module 1: AWS Introduction and History
Similar to AWS Security Overview and Best Practices
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Amazon Web Services
AWS Identity Access Management
AWS Identity Access Management
Richard Harvey
Identity and Access Management and Directory Services
Identity and Access Management and Directory Services
Amazon Web Services
Fundamentals of AWS Security
Fundamentals of AWS Security
Amazon Web Services
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Amazon Web Services
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Amazon Web Services
Pitt Immersion Day Module 5 - security overview
Pitt Immersion Day Module 5 - security overview
EagleDream Technologies
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
Amazon Web Services
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Amazon Web Services
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...
Amazon Web Services
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
Amazon Web Services
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applications
Amazon Web Services
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
Amazon Web Services
HSBC and AWS Day - Security Identity and Access Management
HSBC and AWS Day - Security Identity and Access Management
Amazon Web Services
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
Amazon Web Services
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Amazon Web Services
Getting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practice
Amazon Web Services
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
Amazon Web Services
Deep dive - AWS security by design
Deep dive - AWS security by design
Richard Harvey
Similar to AWS Security Overview and Best Practices
(20)
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
Module 4: Secure your cloud applications - AWSome Day Online Conference 2019
AWS Identity Access Management
AWS Identity Access Management
Identity and Access Management and Directory Services
Identity and Access Management and Directory Services
Fundamentals of AWS Security
Fundamentals of AWS Security
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...
Pitt Immersion Day Module 5 - security overview
Pitt Immersion Day Module 5 - security overview
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Capital One case study: Addressing compliance and security within AWS - FND21...
Capital One case study: Addressing compliance and security within AWS - FND21...
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
HSBC and AWS Day - Security Identity and Access Management
HSBC and AWS Day - Security Identity and Access Management
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Getting Started with AWS Security
Getting Started with AWS Security
Sicurezza in AWS automazione e best practice
Sicurezza in AWS automazione e best practice
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
AWS18_StartupDayToronto_SecuringYourCustomersDataFromDayOne
Deep dive - AWS security by design
Deep dive - AWS security by design
More from Amazon Web Services
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Amazon Web Services
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Amazon Web Services
Open banking as a service
Open banking as a service
Amazon Web Services
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Amazon Web Services
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
Computer Vision con AWS
Computer Vision con AWS
Amazon Web Services
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
Tools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
Building a web application without servers
Building a web application without servers
Amazon Web Services
Fundraising Essentials
Fundraising Essentials
Amazon Web Services
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
More from Amazon Web Services
(20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Open banking as a service
Open banking as a service
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Computer Vision con AWS
Computer Vision con AWS
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Tools for building your MVP on AWS
Tools for building your MVP on AWS
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Building a web application without servers
Building a web application without servers
Fundraising Essentials
Fundraising Essentials
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
AWS Security Overview and Best Practices
1.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Module 3: Security Overview
2.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Topics • Introduction to AWS Security • The AWS Shared Responsibility Model • AWS Access Control and Management • AWS Security Resources and Features
3.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
4.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Introduction to AWS Security Security is of the utmost importance to AWS. • Approach to security • AWS environment controls • AWS offerings and features
5.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Keep Your Data Safe • Resilient infrastructure • High security • Strong safeguards
6.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Continual Improvement • Rapid innovation • Constantly evolving security services
7.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Pay For What You Need • Advanced security services • Address real-time emerging risks • Meeting needs at a lower operational cost
8.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Meet Compliance Requirements Governance-enabled features • Additional oversight • Security control • Central automation
9.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security Products and Features Tools • Access from AWS and partners • Use for monitoring and logging
10.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Network Security • Built-in firewalls • Encryption in transit • Private/dedicated connections • Distributed denial of service (DDoS) mitigation
11.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Inventory and Configuration Management • Deployment tools • Inventory and configuration tools • Template definition and management tools
12.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Data Encryption • Encryption capabilities • Key management options • AWS Key Management Service • Hardware-based cryptographic key storage options • AWS CloudHSM
13.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Access Control and Management • AWS Identity and Access Management (IAM) • AWS Multi-factor authentication (MFA) • Integration and federation with corporate directories • Amazon Cognito • AWS SSO
14.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Monitoring and Logging Tools and features to reduce your risk profile: • Deep visibility into API calls • Log aggregation and options • Alert notifications
15.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Marketplace • Qualified partners to market/sell software to AWS customers • Online software store that can run on AWS
16.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
17.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Shared Responsibility Model
18.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security of the Cloud Protection of the AWS global infrastructure is top priority Availability of third-party reports
19.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security of the Cloud • Amazon EC2 • Amazon EBS AWS Foundation Services Unmanaged services Managed Services • Amazon DynamoDB • Amazon RDS • Amazon Redshift • Amazon EMR • Amazon WorkSpaces
20.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security in the Cloud • What to store • Which AWS services • In what location • In what content format and structure • Who has access
21.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security in the Cloud • Customers retain control • Changes to model depend on services
22.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.
23.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Control access to AWS resources • Authentication • Authorization Controls access to services such as: • Compute • Storage • Database • Application services
24.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Create users and groups Grant permissions User Group Permissions Role
25.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM Functionality Manage • Users and their access • Roles and their permissions • Federate users and their permissions IAM Corp
26.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Account Root User Account root user has complete access to all AWS Services.
27.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Account Root User Recommendations 1. Delete root user access keys. 2. Create an IAM user. 3. Grant administrator access. 4. Use IAM credentials to interact with AWS. IAM
28.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Authentication Programmatic access • Enables access key ID and secret access key Management console access • Uses AWS account name and password • MFA prompts for code
29.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Authorization Access AWS services • Grant authorization Assign permissions • Create an AWS IAM policy
30.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM: Policy Assignment IAM User IAM Policy IAM Group IAM Roles
31.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Let’s take a look at the AWS IAM DEMO
32.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS IAM DEMO
33.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. IAM Best Practices • Delete AWS root account access keys • Activate multi-factor authentication (MFA) • Give IAM users only the permissions they must have • Use IAM groups • Apply an IAM password policy
34.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved. IAM Best Practices • Roles • Use roles for applications • Use roles instead of sharing credentials • Credentials • Rotate credentials regularly • Remove unnecessary users and credentials • Use policy conditions for extra security • Monitor activity in your AWS account
35.
© 2019, Amazon
Web Services, Inc. or its affiliates. All rights reserved.