We are going to be talking about AWS Identity and Access Management (IAM) beginning with this post. If you have read through the previous two AWS posts then you should have already set up a labuser account and admin group.
Continue readingCategory Archives: AWS Security Services
Securing THE AWS ROOT USER ACCOUNT PART 2
In the last post for AWS we began to secure the root user account. We have already deleted the root access keys and activated MFA on our root account. In this post we will look at the final three items listed on the IAM Dashboard Security Status list.
Continue readingSecuring The AWS Root User Account Part 1
A new AWS account will include a root user account that will be initially configured with a single sign-in identity. This account will be able to access all AWS services and resources and it must be protected. It is considered best practice to not use this account for our everyday tasks. This includes administrative tasks which should be completed via an IAM User with administrative privileges.
continue readingThe Shared Responsibility Model
In this post we will discuss the Shared Responsibility Model and how AWS shares security responsibilities with their customers. This is one of the most important concepts for us to understand in working with the cloud. AWS is responsible for securing the underlying infrastructure that supports cloud services. Customers are responsible for securing anything they put into the cloud or connect to the cloud. The customer’s responsibility is often referred to as “Security in the Cloud” and AWS’ as “Security of the Cloud”.
continue reading
Cloud Security Essentials 