AWS Partner Webcast - Best Practices for AWS security, utilization, and cost optimization using CloudCheckr


Published on

As your AWS deployment grows, so does the need to evolve your ability to stay on top of resource utilization, configuration, user access, and ever increasing choices in services and cost reduction opportunities.

In this webinar, you’ll learn from two seasoned veterans how to identify and address potential security misconfigurations and how to optimize AWS resource selection and utilization. For example, you’ll see how customers are saving time and money by using CloudCheckr to automatically check for things like open permissions on Amazon S3 storage buckets, or misconfigured Auto Scaling groups.

What you'll learn:
-How to locate and eliminate the most common misconfigurations customers tend to make with AWS
-How to create an automated process to keep your environment hardened and safe using CloudCheckr

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

AWS Partner Webcast - Best Practices for AWS security, utilization, and cost optimization using CloudCheckr

  1. 1. Best Practices for AWS Security, Utilization, and Cost Optimization Using CloudCheckr
  2. 2. Kyle Lichtenberg Solution Architect Amazon Web Services Aaron Newman Founder CloudCheckr Inc. Introducing
  3. 3. Webinar Overview  Submit Your Questions using the Q&A tool.  A copy of today’s presentation will be made available on:  AWS SlideShare Channel@  AWS Webinar Channel on YouTube@ nPlVzJI-ccQXlxjSvJmw
  4. 4.  Intro to Amazon Web Services security and pricing models  Common security and resource configuration issues that can have a financial impact  How to use CloudCheckr to create an automated process to keep your environment safe and cost efficient  Q&A What We’ll Cover
  5. 5. Security on AWS Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities + Customers A Shared Responsibility Model Security experts are a scarce resource Refocus security pros on a subset of the problem Network configuration Security groups OS firewalls Operating systems Application security Service configuration AuthN & acct management Authorization policies
  6. 6. Pricing on AWS On-Demand Pay for compute capacity by the hour with no long-term commitments For spiky workloads, or to define needs Reserved Make a low, one-time payment and receive a significant discount on the hourly charge For committed utilization
  7. 7. Common Issues $ S3 Policies IAM Management Incorrect Health Checks Under-utilized Resources Snapshot Management Unexpected Transfer Unwanted Resources Empty Instance Cost Wasted Capital Potential Data Loss
  8. 8. Security, Utilization, and Cost Optimization Best Practices for AWS Aaron C. Newman Founder, CloudCheckr
  9. 9. Examples of Best Practices for IAM • Enabled IAM Password Policies • Rotate your IAM access keys every 90 days • Use Multi-factor Authentication • Use IAM groups • Don’t grant permissions to users • Setup an Administrators group See “Top Ten IAM Best Practices” at
  10. 10. Examples of Best Practices for S3 • NEVER allow Upload/Delete permissions open to Everyone • Enable logging on your S3 buckets • Review Open List permissions for sensitive files See “Best Practices for Using Amazon S3” at
  11. 11. Best Practices for Resource Utilization • Locate and eliminate idle resources • Right-size resources • Don’t under or over-utilize • Use Auto Scaling Groups Check on ALL your resources: EC2, EBS, ELBs, RDS, DynamoDB, ElastiCache, etc…
  12. 12. Best Practices: Monitoring Activity/Errors • Use CloudTrail • Make sure it’s setup and running • Monitoring for Unauthorized Access Attempts • Check for access from new/unauthorized users or locations • Proactively Look for Errors in Logs • Check sources like EC2 console output, CloudWatch, event logs, status errors from the API
  13. 13. Why use CloudCheckr for Best Practices? • Best practice engine provides deep knowledge • 250+ checks across ALL the AWS Services • To find all the issues, not just some of them • Configurable to your environment • For instance, how much is “idle”, what is “too many ELB HTTP errors” • Runs on a regular basis • Nightly so you know in a timely fashion when something needs your attention • Pushes Notifications To You • Alerted by email, so you don’t have to go looking for problems
  14. 14. Why use CloudCheckr for Best Practices? • Capability to ignore/suppress • Some things are ok in your environment • Manage in a single view across all your accounts • The larger the environment, the more complexity, the hard to track down problems • Monitor by tags • Setup tags to include or exclude tags you choose • Drilldown on problems • Telling me I have a problem is not enough. Give me lots of details.
  15. 15. Thank You for Attending Sign up today for free evaluation at Aaron Newman is the Founder of CloudCheckr ( Please contact me with additional questions at:
  16. 16. Questions Contacts: CloudCheckr Info: CloudCheckr Contact: AWS Contact:
  17. 17. We’d like your feedback. Please complete a short survey. 3zanj7xx4dY4wR Click the link in your Chat Box