Below we have compiled publicly available sources from around the world that present views on AWS Security.
AWS Security Overview
Amazon Web Services (AWS) is one of the largest providers of Infrastructure as a Service. Its core service is the Elastic Compute Cloud (EC2), which provides on-demand compute resources priced per hour. AWS now offers dozens of additional cloud services, including S3, a file storage service; the Relational Database Service, which allows running SQL databases on demand; RedShift, a high-performance data warehouse; and more. Because Amazon is a public cloud and users run their applications and data remotely, outside their internal data centers, security is a primary concern.
On this wiki, we have collected the best resources from around the world covering the following aspects of AWS security:
- Security best practices for AWS users.
- Security-related activities on AWS - including monitoring, secure access and SSH, compliance, configuration and security groups, and more.
- Security-related technologies and services Amazon provides - such as VPC, AWS WAF, Amazon IAM, CloudFormation, CloudTrail, CloudHSM, and more.
- How to secure specific AWS platforms and products - S3, RDS, RedShift, EBS, SES, SQS, AWS Auto Scaling, and more.
Key Topics in AWS Security
- Security for AWS Platforms — Securing the various computing services provided by Amazon Web Services requires a complex combination of technologies and best practices. In this section you'll find resources from around the web on securing specific services on AWS, including Amazon S3, Amazon RDS, Amazon RedShift, EBS, SES, SQS, and more.
  - S3 Security — Resources on how to secure and harden Amazon S3 (Simple Storage Service), an online file storage web service offered by Amazon Web Services.
  - RDS Security — Resources on how to secure and harden the Amazon Relational Database Service (Amazon RDS), which enables Amazon users to set up, operate, and scale relational databases like MySQL and SQL Server in the cloud.
  - RedShift Security — Resources on how to secure and harden Amazon Redshift, a fully managed, petabyte-scale data warehouse service on the AWS cloud.
  - Amazon EBS Security — Resources on how to secure and harden Amazon Elastic Block Store (EBS), which provides persistent block level storage volumes for use with Amazon EC2 instances.
  - Amazon SES Security — Resources on how to secure and harden the Amazon Simple Email Service (Amazon SES), a cost-effective email service built on the AWS cloud.
  - Amazon SQS Security — Resources on how to secure and harden Amazon Message Queuing Service (SQS), which helps users of AWS decouple the components of their cloud applications.
  - Amazon SNS Security — Resources on how to secure and harden the Amazon Simple Notification Service (SNS), a push messaging service that pushes notifications from Amazon cloud apps to mobile devices and distributed services.
  - AWS Auto Scaling Security — Resources on how to secure and harden Amazon's Auto Scaling service, which helps AWS users maintain application availability by dynamically scaling EC2 capacity up or down.
  - Amazon Elastic MapReduce Security — Resources on how to secure and harden Amazon Elastic MapReduce (EMR), a web service that uses Hadoop, an open-source framework, to process vast amounts of data.
- AWS Monitoring — Resources on monitoring AWS applications and deployments, including best practices and specialized monitoring tools for the Amazon cloud.
- AWS Secure Access and SSH — Resources on how to securely access Amazon Web Services machines, using SSH keys and other methods, and security best practices for remote access on the Amazon cloud.
- AWS Compliance — Resources on compliance with regulations and industry standards on the AWS cloud - HIPAA compliance, ISO 27001 compliance, PCI compliance, and more.
- AWS Security Groups — Resources on defining security groups on AWS services like EC2, VPC and RDS. Security groups act as a virtual firewall that controls the traffic for one or more Amazon instances.
- AWS Firewall — Resources on how to set up a firewall on AWS, and tools that enable firewall capabilities on the Amazon cloud. For Amazon's WAF (Web Application Firewall) product, see our AWS WAF page (coming soon).
- AWS Security-Related Products and Features — Resources about security products and features provided as part of the Amazon Web Services cloud platform.
  - Amazon VPC — Resources about Amazon Virtual Private Cloud (VPC), a feature in Amazon Web Services which allows you to launch AWS resources in an isolated virtual network, providing security and other benefits.
  - AWS Web Application Firewall (WAF) — Resources about AWS Web Application Firewall (WAF), a product offered as part of the Amazon cloud platform, which protects web applications from common web security exploits.
  - AWS Config —
  - CloudFormation —
  - CloudTrail —
  - CloudWatch —
  - Amazon IAM — Resources on Amazon Identity and Access Management (IAM), a web service that helps securely control access to AWS resources for users of the Amazon cloud.
  - AWS Multi-Factor Authentication —
  - AWS Certificate Manager —
  - AWS Key Management Service —
  - AWS CloudHSM —