Building Fault Tolerant, Highly Available and Secured Architectures - Simon Elisha - AWS Summit 2012 Australia
Simon Elisha's presentation, Australian AWS Summit, Sydney 2012, Architect Track

  • Cloud computing is a better way to run your business. The cloud helps companies of all sizes become more agile. Instead of running your applications yourself you can run them on the cloud, where IT infrastructure is offered as a service like a utility.

    With the cloud, your company saves money: there are no up-front capital expenses, as you don’t have to buy hardware for your projects. The massive scale and fast pace of innovation of the cloud drive the costs down for you. In the cloud, you pay only for what you use, just like electricity.

    The cloud can also help your company save time and improve agility: it’s faster to get started, since you can build new environments in minutes instead of waiting for new servers to arrive. The elastic nature of the cloud makes it easy to scale up and down as needed. At the end of the day you have more resources left for innovation, which allows you to focus on projects that can really impact your business, like building and deploying more applications.

    “With the high growth nature of our business, we were looking for a cloud solution to enable us to scale fast. Think twice before buying your next server. Cloud computing is the way forward.” - Sami Lababidi, CTO, Playfish
  • Each item a
  • Fault Separation
    Amazon EC2 provides customers the flexibility to place instances within multiple geographic regions as well as across multiple Availability Zones. Each Availability Zone is designed with fault separation. This means that Availability Zones are physically separated within a typical metropolitan region, on different flood plains, in seismically stable areas. In addition to discrete uninterruptable power source (UPS) and onsite backup generation facilities, they are each fed via different grids from independent utilities to further reduce single points of failure. They are all redundantly connected to multiple tier-1 transit providers.

    It should be noted that although traffic flowing across the private networks between Availability Zones in a single region is on AWS-controlled infrastructure, all communications between regions are across public Internet infrastructure, so appropriate encryption methods should be used to protect sensitive data. Data are not replicated between regions unless proactively done so by the customer.
  • Distinct physical locations
    Low-latency network connections between AZs
    Independent power, cooling, network, security
    Always partition app stacks across 2 or more AZs
    Elastic Load Balance across instances in multiple AZs

    Don’t confuse AZs with Regions!
  • Note, the question is not “do you need to automate your deployment?” or “should I use automation when I’m using the cloud?”; the answer to that is YES!
    The question is: if you’re using fully standard PHP or Java stacks, why manage it yourself? Beanstalk does that great, with zero lock-in. If what you need is more complex, perhaps CloudFormation (note, you can do BOTH!).
  • Three-Tier Web App has been “fork-lifted” to the cloud
    Everything in a single Availability Zone
    Load balanced at the Web tier and App tier using software load balancers
    Master and Standby database
    Elastic IP on front end load balancer only
    S3 used as DB backup instead of tape
    How can you use AWS features to make this app more highly available?
  • Examining AWS, you’ll see that the same security isolations are employed as would be found in a traditional datacenter. These include physical datacentre security, separation of the network, isolation of the server hardware, and isolation of storage. AWS customers have control over their data: they own the data, not us; they can encrypt their data at rest and in motion, just as they would in their own datacenter.

    Amazon Web Services provides the same, familiar approaches to security that companies have been using for decades. Importantly, it does this while also allowing the flexibility and low cost of cloud computing. There is nothing inherently at odds about providing on-demand infrastructure while also providing the security isolation companies have become accustomed to in their existing, privately-owned environments.

    AWS is a secure, durable technology platform with industry-recognized certifications and audits: PCI DSS Level 1, ISO 27001, FISMA Moderate, HIPAA, SAS 70 Type II. Our services and data centers have multiple layers of operational and physical security designed to protect the integrity and safety of your data. Visit our Security Center to learn more: http://aws.amazon.com/security/.

    Certifications and Accreditations: AWS has successfully completed a SAS70 Type II Audit, and will continue to obtain the appropriate security certifications and accreditations to demonstrate the security of our infrastructure and services.

    PCI DSS: We finalized our 2011 PCI compliance audit, publishing our extensive Report on Controls (ROC) with an expanded scope. Our new November 30, 2011 PCI Attestation of Compliance, a document from our auditor stating we are compliant with all 12 PCI security standard domains, is available now for customers considering or working on moving PCI systems to AWS. The new Attestation of Compliance document includes some key changes this year: we’ve added RDS, ELB, and IAM as in-scope services. The addition of these services is fantastic news for PCI customers since they can now leverage RDS to store cardholder and transaction data, use ELB to manage card transaction traffic, and rely on IAM features as validated control mechanisms that satisfy PCI security standard requirements. Consistent with last year, EC2, S3, EBS, and VPC continue to be in scope.

    Physical Security: Amazon has many years of experience in designing, constructing, and operating large scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access.

    Secure Services: Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand.

    Data Privacy: AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS.

    “In essence, the security system of AWS’s platform has been added to our existing security systems. We now have a security posture consistent with that of a multi-billion dollar company.” - Jim Warren, CIO, Recovery Accountability and Transparency Board (RATB)
  • AWS Identity and Access Management (AWS IAM)
    AWS Identity and Access Management (AWS IAM) enables a customer to create multiple users and manage the permissions for each of these users within their AWS Account. A user is an identity (within a customer AWS Account) with unique security credentials that can be used to access AWS Services. AWS IAM eliminates the need to share passwords or access keys, and makes it easy to enable or disable a user’s access as appropriate.

    AWS IAM enables customers to implement security best practices, such as least privilege, by granting unique credentials to every user within their AWS Account and only granting permission to access the AWS Services and resources required for the users to perform their job. AWS IAM is secure by default; new users have no access to AWS until permissions are explicitly granted.

    AWS IAM enables customers to minimize the use of their AWS Account credentials. Instead, all interactions with AWS Services and resources should be with AWS IAM user security credentials. More information about AWS Identity and Access Management (AWS IAM) is available on the AWS website: http://aws.amazon.com/iam/
  • Amazon Account Security Features
    AWS provides a number of ways for customers to identify themselves and securely access their AWS Account. A complete list of credentials supported by AWS can be found on the Security Credentials page under Your Account. AWS also provides additional security options that enable customers to further protect their AWS Account and control access: AWS Identity and Access Management (AWS IAM), Multi-Factor Authentication (MFA) and Key Rotation.

    AWS Multi-Factor Authentication (AWS MFA)
    AWS Multi-Factor Authentication (AWS MFA) is an additional layer of security that offers enhanced control over AWS Account settings and the management of the AWS Services and resources for which the account is subscribed. When customers enable this opt-in feature, they will need to provide a six-digit single-use code in addition to their standard username and password credentials before access is granted to their AWS Account settings or AWS Services and resources. Customers get this single-use code from an authentication device that they keep in their physical possession. This is called Multi-Factor Authentication because two factors are checked before access is granted: customers need to provide both their username (Amazon e-mail in the case of the AWS Account) and password (the first “factor”: something you know) and the precise code from their authentication device (the second “factor”: something you have). Customers can enable MFA devices for their AWS Account as well as for the users they have created under their AWS Account with AWS IAM.

    It is easy to obtain an authentication device from a participating third party provider and to set it up for use via the AWS website. More information about Multi-Factor Authentication is available on the AWS website: http://aws.amazon.com/mfa/

    Key Rotation
    For the same reasons that it is important to change passwords frequently, AWS recommends that customers rotate their access keys and certificates on a regular basis. To let customers do this without potential impact to their applications’ availability, AWS supports multiple concurrent access keys and certificates. With this feature, customers can rotate keys and certificates into and out of operation on a regular basis without any downtime to their application. This can help to mitigate risk from lost or compromised access keys or certificates. The AWS IAM APIs enable a customer to rotate the access keys of their AWS Account as well as those of users created under their AWS Account using AWS IAM.
  • The firewall can be configured in groups permitting different classes of instances to have different rules. Consider, for example, the case of a traditional three-tiered web application. The group for the web servers would have port 80 (HTTP) and/or port 443 (HTTPS) open to the Internet. The group for the application servers would have port 8000 (application specific) accessible only to the web server group. The group for the database servers would have port 3306 (MySQL) open only to the application server group. All three groups would permit administrative access on port 22 (SSH), but only from the customer’s corporate network. Highly secure applications can be deployed using this expressive mechanism.

    Here is an example of the commands needed to establish a multi-tier security architecture (ec2auth is the EC2 API tools shorthand for ec2-authorize: -p gives the port list, -s a source CIDR and -o a source security group); of course customers could use the AWS Management Console to do the same:

      # Permit HTTP(S) access to Web Layer from the Entire Internet
      ec2auth Web -p 80,443 -s 0.0.0.0/0
      # Permit ssh access to App Layer from Corp Network
      ec2auth App -p 22 -s 1.2.3.4/32
      # Permit ssh access to DB Layer from Vendor Network
      ec2auth DB -p 22 -s 5.6.7.8/32
      # Permit Application and DB Layer Access to appropriate internal layers
      ec2auth App -p $APP_PORT -o Web
      ec2auth DB -p $DB_PORT -o App
      # Permit Bastion host access for Web and DB Layers from App Layer
      ec2auth Web -p 22 -o App
      ec2auth DB -p 22 -o App
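A rule set like the one above is easy to get wrong by hand and tends to drift over time. As an added example that is not part of the presentation, the following Python audit parses ec2auth-style rules and flags any rule that breaks the three-tier design (the policy values, the choice of App as the bastion tier, and the sample rule set are assumptions constructed here):

```python
"""Least-privilege audit for the three-tier security-group layout described above.

Added example, not from the presentation: it parses the slide's ec2auth syntax
(GROUP -p PORTS -s CIDR | -o SOURCE_GROUP) into rules and checks them against a
policy encoding the intended design. Policy values and the sample are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    group: str                       # security group the rule is attached to
    port: int
    src_cidr: Optional[str] = None   # CIDR source (ec2auth -s)
    src_group: Optional[str] = None  # source security group (ec2auth -o)


def parse_ec2auth(line: str) -> list[Rule]:
    """One `ec2auth GROUP -p PORTS -s CIDR` or `-o GROUP` line -> one Rule per port."""
    tokens = line.split()
    if len(tokens) < 4 or tokens[0] != "ec2auth":
        raise ValueError(f"not an ec2auth command: {line!r}")
    opts = dict(zip(tokens[2::2], tokens[3::2]))
    cidr = opts.get("-s")
    if cidr is not None:
        ip_network(cidr)  # validates the CIDR; raises ValueError on a typo
    return [Rule(tokens[1], int(p), cidr, opts.get("-o")) for p in opts["-p"].split(",")]


# Hypothetical policy for the layout in the text (constructed for this example).
POLICY = {
    "public_ports": {("Web", 80), ("Web", 443)},  # the only ports allowed from 0.0.0.0/0
    "admin_cidrs": {"1.2.3.4/32", "5.6.7.8/32"},  # corp and vendor networks for SSH
    "bastion_group": "App",                       # the only SSH source group for other tiers
    "tier_ports": {("App", 8000): "Web", ("DB", 3306): "App"},  # internal port -> allowed source group
}


def audit(rules: list[Rule], policy=POLICY) -> list[str]:
    """Return one finding per rule that deviates from the policy; [] when clean."""
    findings = []
    for r in rules:
        key = (r.group, r.port)
        if r.src_cidr is not None:
            # CIDR sources: only the public Web ports, or SSH from approved admin networks
            ok = key in policy["public_ports"] or (
                r.port == 22 and r.src_cidr in policy["admin_cidrs"])
            if not ok:
                findings.append(f"{r.group}: port {r.port} open to CIDR {r.src_cidr}")
        elif r.port == 22:
            if r.src_group != policy["bastion_group"]:
                findings.append(f"{r.group}: SSH from group {r.src_group}, expected the bastion tier")
        elif policy["tier_ports"].get(key) != r.src_group:
            findings.append(f"{r.group}: port {r.port} from group {r.src_group} is not a designed path")
    return findings


# Constructed sample: the slide's commands with $APP_PORT=8000 and $DB_PORT=3306.
SLIDE_RULES = """
ec2auth Web -p 80,443 -s 0.0.0.0/0
ec2auth App -p 22 -s 1.2.3.4/32
ec2auth DB -p 22 -s 5.6.7.8/32
ec2auth App -p 8000 -o Web
ec2auth DB -p 3306 -o App
ec2auth Web -p 22 -o App
ec2auth DB -p 22 -o App
"""


def load(text: str) -> list[Rule]:
    return [r for line in text.strip().splitlines() for r in parse_ec2auth(line)]


if __name__ == "__main__":
    print("slide rule set:", audit(load(SLIDE_RULES)) or "no findings")
    # The drift this audit exists to catch: a database port exposed to the Internet.
    for finding in audit(load(SLIDE_RULES + "ec2auth DB -p 3306 -s 0.0.0.0/0\n")):
        print("FINDING", finding)
```

The same audit can be pointed at rules exported from a live account by writing them in the ec2auth form; the policy dictionary is the single place to update when a tier or port is added.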
  • AWS Direct Connect makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacenter, office, or colocation environment, which in many cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple logical connections. This allows you to use the same connection to access public resources such as objects stored in Amazon S3 using public IP address space, and private resources such as Amazon EC2 instances running within an Amazon Virtual Private Cloud (VPC) using private IP space, while maintaining network separation between the public and private environments. Logical connections can be reconfigured at any time to meet your changing needs. http://aws.amazon.com/directconnect/

    Amazon Virtual Private Cloud (Amazon VPC) lets you provision a private, isolated section of the Amazon Web Services (AWS) Cloud where you can launch AWS resources in a virtual network that you define. With Amazon VPC, you can define a virtual network topology that closely resembles a traditional network that you might operate in your own datacenter. You have control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can easily customize the network configuration for your Amazon VPC. For example, you can create a public-facing subnet for your webservers that has access to the Internet, and place your backend systems such as databases or application servers in a private-facing subnet with no Internet access. You can leverage multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet. Additionally, you can create a Hardware Virtual Private Network (VPN) connection between your corporate datacenter and your VPC and leverage the AWS cloud as an extension of your corporate datacenter. http://aws.amazon.com/vpc/

    Dedicated Instances are Amazon EC2 instances launched within your Amazon VPC that run on hardware dedicated to a single customer. Dedicated Instances let you take full advantage of the benefits of Amazon VPC and the AWS cloud (on-demand elastic provisioning, pay only for what you use, and a private, isolated virtual network) while ensuring that your Amazon EC2 compute instances will be isolated at the hardware level. You can easily create a VPC that contains dedicated instances only, providing physical isolation for all Amazon EC2 compute instances launched into that VPC, or you can choose to mix both dedicated instances and non-dedicated instances within the same VPC based on application-specific requirements. http://aws.amazon.com/dedicated-instances/
  • Security and operational excellence is the top priority. It’s Priority 0. No exceptions allowed. We understand that security and governance are often the top issues identified when we talk to our customers. Instead of tossing this over the fence, we really advise and highly recommend that our customers invest in a security review early in the process. Get your security folks to talk to our security folks and understand security and compliance. Security is really not on or off. It’s a spectrum of options that you can choose from that is right for your application.

Transcript

  • 1. Building Fault-Tolerant, Highly Available and Secure Architectures. Simon Elisha, Principal Solution Architect, Australia & New Zealand
  • 2. Faults? Facilities, Hardware, Networking, Code, People
  • 3. What is “Fault-Tolerant”? Degrees of risk mitigation - not binary. Automated. Tested!
  • 4. Old School Fault-Tolerance: Build Two
  • 5. Design for failure and nothing will fail.
  • 6. Cloud Computing Benefits: No Up-Front Capital Expense; Low Cost; Pay Only for What You Use; Self-Service Infrastructure; Easily Scale Up and Down; Improve Agility & Time-to-Market; Deploy
  • 7. Cloud Computing Fault-Tolerance Benefits: No Up-Front Capital Expense; Low Cost; Pay for HA, Backups and DR Only When You Use It; Self-Service DR Infrastructure; Easily Deliver Fault-Tolerant Applications; Improve Agility & Time-to-Recovery; Deploy! The benefits translate.
  • 8. AWS Building Blocks: Two Strategies
    Inherently fault-tolerant services: S3, SimpleDB, DynamoDB, Cloudfront, SWF, SQS, SNS, SES, Route53, Elastic Load Balancer, Elastic Beanstalk, ElastiCache, Elastic MapReduce, IAM
    Services that are fault-tolerant with the right architecture: Amazon EC2, VPC, EBS, RDS
  • 9. The Stack: Resources; Deployment; Management; Configuration; Networking; Facilities; Geographies
  • 10. The Stack: EC2 Instances; Amazon Machine Images; CW Alarms - AutoScaling; Cloudformation - Beanstalk; Route53 – ElasticIP – ELB; Availability Zones; Regions
  • 11. Regional Diversity. http://aws.amazon.com/about-aws/globalinfrastructure/ Use Regions for: Latency (Customers, Data, Vendors, Staff); Compliance; Disaster Recovery … and Fault Tolerance!
  • 12. Proper Use of Multiple Availability Zones
  • 13. Network Fault-Tolerance Tools: 107.22.18.45 isn’t fault-tolerant but 50.17.200.146 is: EIP; Elastic Load Balancing; Automated DNS: Route53; New! Latency-Based Routing
  • 14. New EC2 VPC feature: Elastic Network Interface. Up to 2 Addresses; Span Subnets; Attach/Detach; Public or Private
  • 15. Cloudformation – Elastic Beanstalk Q: Is your stack unique?
  • 16. CloudFormation template sections: Headers, Parameters, Mappings, Resources, Outputs
    {
      "AWSTemplateFormatVersion" : "2010-09-09",
      "Description" : "Create an EC2 instances",
      "Parameters" : {
        "KeyName" : {
          "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
          "Type" : "String"
        }
      },
      "Mappings" : {
        "RegionMap" : {
          "us-east-1"      : { "AMI" : "ami-76f0061f" },
          "us-west-1"      : { "AMI" : "ami-655a0a20" },
          "eu-west-1"      : { "AMI" : "ami-7fd4e10b" },
          "ap-southeast-1" : { "AMI" : "ami-72621c20" },
          "ap-northeast-1" : { "AMI" : "ami-8e08a38f" }
        }
      },
      "Resources" : {
        "Ec2Instance" : {
          "Type" : "AWS::EC2::Instance",
          "Properties" : {
            "KeyName" : { "Ref" : "KeyName" },
  • 17. Set the Temperature – Don’t Run the Furnace
  • 18. Cloudwatch – Alarms – AutoScaling
  • 19. Example:a “fork-lifted” app
  • 20. Example:Fault-Tolerant
  • 21. Why mess with all of that?
  • 22. Amazon Machine Images (AMIs): Maintenance is critical. Alternatives: Chef, Puppet, cfn-init, etc. New! When in doubt: 64-bit
  • 23. Bootstrapping is powerful… Who am I and what do I do?
  • 24. A Continuum: 3 approaches to designing your AMIs (from easier to set up, to more control and easier to maintain)
    Inventory of fully baked AMIs (Frozen/Ready made)
    “Golden AMIs” with fetch on boot (Frozen Pizza base)
    AMIs with JeOS and Puppet/Chef (Made to Order)
  • 25-30. Bootstrapping 1. Frozen Pizza Model (diagram slides): the whole Java stack (Linux, JEE, Apache, Tomcat, Struts, Spring, Hibernate, Log4J, Your Code) is baked into a Java AMI and launched on Amazon EC2; the same applies to a .NET stack (Windows, .NET, IIS, ASP.NET MVC, Spring.NET, nHibernate, Log4Net, Your Code).
  • 31-36. Bootstrapping 2. Frozen Base Pizza Model (diagram slides): a Golden AMI holds the base stack (Linux, JEE, Apache, Tomcat, Spring, Hibernate); Your Code, Struts and Log4J are kept in Source Control and fetched at boot time onto the Amazon EC2 instance. The Windows/.NET/IIS stack follows the same pattern.
  • 37-40. Bootstrapping 3. Made to Order Pizza Model (diagram slides): a minimal Client AMI (JeOS) with Linux and a Chef/Puppet Agent; Apache, Tomcat, Struts, Spring, Hibernate, Log4J and Your Code are installed on Amazon EC2 from Cookbooks/Recipes held in Source Control.
  • 41. Use Bootstrapping Data
    "UserData": { "Fn::Base64": { "Fn::Join": [ "", [
      "#!/bin/bash -ex\n",
      "yum -y install git-core\n",
      "yum -y install php-pear\n",
      "pear install Crypt_HMAC2-1.0.0\n",
      "pear install HTTP_Request-1.4.4\n",
      "pear channel-discover pear.amazonwebservices.com\n",
      "pear install aws/sdk\n",
  • 42. RDS: Multi-AZ Deployments. Enterprise-grade, fault-tolerant solution for production databases.
    What is Multi-AZ deployment?
    With a single API call, Amazon RDS creates and synchronously maintains a hot standby in a different availability zone
    In the event of an unplanned or planned outage, Amazon RDS automatically fails over to the standby so you can resume database writes and reads as soon as possible
  • 43. RDS: Read Replicas. A Read Replica is a copy of a specified DB Instance that can serve read traffic.
    Intended use cases: Read scaling, business reporting. Not intended as a fault tolerance substitute for Multi-AZ.
    Unlike Multi-AZ, uses native, asynchronous MySQL replication, and the replica can lag the source
    A Read Replica can use a Multi-AZ deployment as its source
  • 44. Test! Use a Chaos Monkey! Prudent. Conservative. Professional. Soon to be open source… http://techblog.netflix.com/2010/12/5-lessons-weve-learned-using-aws.html
  • 45. Security
  • 46. Built for Enterprise Security Standards
    Certifications: SOC 1 Type 2 (formerly SAS-70); ISO 27001; PCI DSS for EC2, S3, EBS, VPC, RDS, ELB, IAM; FISMA Moderate Compliant Controls; HIPAA & ITAR Compliant Architecture
    Physical Security: Datacenters in nondescript facilities; Physical access strictly controlled; Must pass two-factor authentication at least twice for floor access; Physical access logged and audited
    HW, SW, Network: Systematic change management; Phased updates deployment; Safe storage decommission; Automated monitoring and self-audit; Advanced network protection
  • 47. Don’t Leave the Gate Open
  • 48. AWS Identity and Access Management (IAM)
    Users and Groups within Accounts
    Unique security credentials: Access keys (key rotation); Login/Password; Enforce password complexity; optional MFA device
    Policies control access to AWS APIs
    API calls must be signed by either an X.509 certificate or a secret key
    Deep integration into many Services: S3 (policies on objects and buckets); DynamoDB (tables)
  • 49. AWS Multi-Factor Authentication
    Helps prevent anyone with unauthorized knowledge of your e-mail address and password from impersonating you
    Additional protection for account information
    Works with: Master Account; IAM Users
    Integrated into: AWS Management Console; Key pages on the AWS Portal; S3 (Secure Delete)
    A recommended opt-in security feature!
  • 50. Multi-tier Security Approach Example: Web Tier, Application Tier, Database Tier
    Ports 80 and 443 only open to the Internet
    Engineering staff have ssh access to the App Tier, which acts as Bastion
    Sync with on-premises database
    Amazon EC2 Security Group Firewall
    All other Internet ports blocked by default
  • 51. Networking & Security
    AWS Direct Connect: Dedicated connection between your datacenter and AWS
    Amazon Virtual Private Cloud (VPC): Private VPN connection to your AWS resources
    Dedicated Instances: Single Tenant Compute Instance; Amazon EC2 resources running on private hardware
  • 52. In the Cloud, Security is a Shared Responsibility
    Infrastructure Security (how we secure our infrastructure): SOC 1 Audit; ISO 27001/2 Certification; PCI DSS 2.0 Level 1; HIPAA/SOX Compliance; FISMA Moderate; FEDRamp / GSA ATO
    Services Security (what security options and features are available to you?): Use MFA, VPC, Leverage S3 bucket policies, EC2 Security groups, EFS in EC2, Etc..
    Application Security (how can you secure your application and what is your responsibility?): Encrypt data in transit; Encrypt data at rest; Protect your AWS Credentials; Rotate your keys; Secure your OS and applications
  • 53. Where to look for Architecture Guidance? aws.amazon.com/architecture: Reference Architectures; Best Practices
  • 54. Thank You! Simon Elisha @simon_elisha