Best Practices for AWS Security, Utilization,
and Cost Optimization Using CloudCheckr
Kyle Lichtenberg
Solution Architect
Amazon Web Services
Aaron Newman
Founder
CloudCheckr Inc.
Introducing
Webinar Overview
 Submit Your Questions using the Q&A tool.
 A copy of today’s presentation will be made available on:
...
 Intro to Amazon Web Services security and pricing models
 Common security and resource configuration issues that can ha...
Security on AWS
Facilities
Physical security
Compute infrastructure
Storage infrastructure
Network infrastructure
Virtuali...
Pricing on AWS
On-Demand
Pay for compute capacity by the
hour with no long-term
commitments
For spiky workloads,
or to def...
Common Issues
$
S3 Policies
IAM Management
Incorrect Health Checks
Under-utilized Resources
Snapshot Management
Unexpected...
Security, Utilization, and Cost Optimization
Best Practices for AWS
Aaron C. Newman
Founder, CloudCheckr
Aaron.Newman@Clou...
Examples of Best Practices for IAM
• Enabled IAM Password Policies
• Rotate your IAM access keys every 90 days
• Use Multi...
Examples of Best Practices for S3
• NEVER allow Upload/Delete permissions
open to Everyone
• Enable logging on your S3 buc...
Best Practices for Resource Utilization
• Locate and eliminate idle resources
• Right-size resources
• Don’t under or over...
Best Practices: Monitoring Activity/Errors
• Use CloudTrail
• Make sure it’s setup and running
• Monitoring for Unauthoriz...
Why use CloudCheckr for Best Practices?
• Best practice engine provides deep knowledge
• 250+ checks across ALL the AWS Se...
Why use CloudCheckr for Best Practices?
• Capability to ignore/suppress
• Some things are ok in your environment
• Manage ...
Thank You for Attending
Sign up today for free evaluation
at http://cloudcheckr.com
Aaron Newman is the Founder
of CloudCh...
Questions
Contacts:
CloudCheckr Info:
www.cloudcheckr.com
CloudCheckr Contact:
support@cloudcheckr.com
AWS Contact:
aws.am...
We’d like your feedback.
Please complete a short survey.
https://aws.asia.qualtrics.com/SE/?SID=SV_7
3zanj7xx4dY4wR
Click ...
Upcoming SlideShare
Loading in...5
×

AWS Partner Webcast - Best Practices for AWS security, utilization, and cost optimization using CloudCheckr

544

Published on

As your AWS deployment grows, so does the need to evolve your ability to stay on top of resource utilization, configuration, user access, and ever increasing choices in services and cost reduction opportunities.

In this webinar, you’ll learn from two seasoned veterans how to identify and address potential security misconfigurations and how to optimize AWS resource selection and utilization. For example, you’ll see how customers are saving time and money by using CloudCheckr to automatically check for things like open permissions on Amazon S3 storage buckets, or misconfigured Auto Scaling groups.

What you'll learn:
-How to locate and eliminate the most common misconfigurations customers tend to make with AWS
-How to create an automated process to keep your environment hardened and safe using CloudCheckr

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
544
On Slideshare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
27
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

AWS Partner Webcast - Best Practices for AWS security, utilization, and cost optimization using CloudCheckr

  1. 1. Best Practices for AWS Security, Utilization, and Cost Optimization Using CloudCheckr
  2. 2. Kyle Lichtenberg Solution Architect Amazon Web Services Aaron Newman Founder CloudCheckr Inc. Introducing
  3. 3. Webinar Overview  Submit Your Questions using the Q&A tool.  A copy of today’s presentation will be made available on:  AWS SlideShare Channel@ http://www.slideshare.net/AmazonWebServices/  AWS Webinar Channel on YouTube@ http://www.youtube.com/channel/UCT- nPlVzJI-ccQXlxjSvJmw
  4. 4.  Intro to Amazon Web Services security and pricing models  Common security and resource configuration issues that can have a financial impact  How to use CloudCheckr to create an automated process to keep your environment safe and cost efficient  Q&A What We’ll Cover
  5. 5. Security on AWS Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities + Customers A Shared Responsibility Model Security experts are a scarce resource Refocus security pros on a subset of the problem Network configuration Security groups OS firewalls Operating systems Application security Service configuration AuthN & acct management Authorization policies
  6. 6. Pricing on AWS On-Demand Pay for compute capacity by the hour with no long-term commitments For spiky workloads, or to define needs Reserved Make a low, one-time payment and receive a significant discount on the hourly charge For committed utilization
  7. 7. Common Issues $ S3 Policies IAM Management Incorrect Health Checks Under-utilized Resources Snapshot Management Unexpected Transfer Unwanted Resources Empty Instance Cost Wasted Capital Potential Data Loss
  8. 8. Security, Utilization, and Cost Optimization Best Practices for AWS Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com
  9. 9. Examples of Best Practices for IAM • Enabled IAM Password Policies • Rotate your IAM access keys every 90 days • Use Multi-factor Authentication • Use IAM groups • Don’t grant permissions to users • Setup an Administrators group See “Top Ten IAM Best Practices” at http://aws.amazon.com/iam/
  10. 10. Examples of Best Practices for S3 • NEVER allow Upload/Delete permissions open to Everyone • Enable logging on your S3 buckets • Review Open List permissions for sensitive files See “Best Practices for Using Amazon S3” at http://aws.amazon.com/articles/1904/
  11. 11. Best Practices for Resource Utilization • Locate and eliminate idle resources • Right-size resources • Don’t under or over-utilize • Use Auto Scaling Groups Check on ALL your resources: EC2, EBS, ELBs, RDS, DynamoDB, ElastiCache, etc…
  12. 12. Best Practices: Monitoring Activity/Errors • Use CloudTrail • Make sure it’s setup and running • Monitoring for Unauthorized Access Attempts • Check for access from new/unauthorized users or locations • Proactively Look for Errors in Logs • Check sources like EC2 console output, CloudWatch, event logs, status errors from the API
  13. 13. Why use CloudCheckr for Best Practices? • Best practice engine provides deep knowledge • 250+ checks across ALL the AWS Services • To find all the issues, not just some of them • Configurable to your environment • For instance, how much is “idle”, what is “too many ELB HTTP errors” • Runs on a regular basis • Nightly so you know in a timely fashion when something needs your attention • Pushes Notifications To You • Alerted by email, so you don’t have to go looking for problems
  14. 14. Why use CloudCheckr for Best Practices? • Capability to ignore/suppress • Some things are ok in your environment • Manage in a single view across all your accounts • The larger the environment, the more complexity, the hard to track down problems • Monitor by tags • Setup tags to include or exclude tags you choose • Drilldown on problems • Telling me I have a problem is not enough. Give me lots of details.
  15. 15. Thank You for Attending Sign up today for free evaluation at http://cloudcheckr.com Aaron Newman is the Founder of CloudCheckr (www.cloudcheckr.com) Please contact me with additional questions at: aaron.newman@cloudcheckr.com
  16. 16. Questions Contacts: CloudCheckr Info: www.cloudcheckr.com CloudCheckr Contact: support@cloudcheckr.com AWS Contact: aws.amazon.com/contact-us
  17. 17. We’d like your feedback. Please complete a short survey. https://aws.asia.qualtrics.com/SE/?SID=SV_7 3zanj7xx4dY4wR Click the link in your Chat Box
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×