DevCon #2016
Securing AWS Infrastructure
About the speaker
- Neil Alwin Hermosilla
- Devops Engineer
- Blogger [https://cebuserver.com]
- Cebuano Native
- Ansible Lover
- Die-hard Debian User
Meet the threat
Focusing on ...
- AWS Key Management
- AWS IAM Management
- AWS AMI Management
- AWS Security Groups
- Server Monitoring
- Alert Notification
- Art of Monitoring
Key Management
AWS IAM
3rd Party Providers
- Make sure you don’t give full permission; the provider should not be able to execute unauthorized API calls.
- Make sure to evaluate the permissions every quarter
- Use it for that dedicated purpose only
User
- Control resource access permission (ACL)
- Utilize ReadOnly/Full policy
- Don’t enable “password” (stick with access-key/secret-key)
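A small audit that supports the quarterly permission review described above. It is an added example, not part of the original slides: the sample policy is constructed, and treating `Get`/`List`/`Describe` actions as read-only is a heuristic assumed here.

```python
import json

# Heuristic (assumption): actions with these verb prefixes only read state.
READ_PREFIXES = ("get", "list", "describe")

# Constructed policy for a hypothetical third-party backup provider.
SAMPLE_POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ReadBuckets", "Effect": "Allow",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-backups",
                  "arn:aws:s3:::example-backups/*"]},
    {"Sid": "AllOfEc2", "Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
    {"Sid": "Admin", "Effect": "Allow", "Action": "*", "Resource": "*"},
    {"Sid": "WriteAnywhere", "Effect": "Allow",
     "Action": ["s3:PutObject"], "Resource": "*"},
    {"Sid": "DenyIam", "Effect": "Deny", "Action": "iam:*", "Resource": "*"}
  ]
}
""")


def as_list(value):
    """IAM accepts either a single value or a list for these fields."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_read_only(action):
    """True if the action name after 'service:' starts with a read verb."""
    name = action.split(":", 1)[-1].lower()
    return name.startswith(READ_PREFIXES)


def audit_policy(policy):
    """Return (sid, finding) pairs for Allow statements that grant too much."""
    findings = []
    for idx, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only take access away
        sid = stmt.get("Sid", "statement[%d]" % idx)
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions.
            findings.append((sid, "allow-with-notaction"))
        any_resource = "*" in as_list(stmt.get("Resource"))
        for action in as_list(stmt.get("Action")):
            if action == "*":
                findings.append((sid, "all-actions"))
            elif action.endswith(":*"):
                findings.append((sid, "full-service"))
            elif any_resource and not is_read_only(action):
                findings.append((sid, "write-on-any-resource"))
    return findings


if __name__ == "__main__":
    for sid, finding in audit_policy(SAMPLE_POLICY):
        print(sid, finding)
```
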
AWS IAM
Group
- Group users properly
- Best practice is to group by Department/Team
  - Developer Support
  - Developer Release
  - System Admin I
  - System Admin II
  - QA Engineer
  - Business Groups
  - Project Managers
Roles
- Create and use IAM Roles (enabling resource triggers from one or more services). Better than having passwords all over the place.
AWS AMI
- Evaluate preferred Distro
- Evaluate AMI format/type
- Evaluate AMI builds (components)
- Evaluate defaults (libraries to be added)
- Evaluate base software (pre-installed)
- Initiate a snapshot of the server
- Use the snapshot to spawn additional machines
AWS Security Groups
Things to be aware of:
- If an instance is created via classic mode (default), then once it’s fired up there is no way for you to add more security groups to it.
*BETTER UTILIZE VPC -- SEGREGATE THE NETWORK*
- Always create a “spare-tire” Security-Group. Remote IP Whitelisting
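A check for the remote IP whitelisting point above: it flags security group rules that open an admin port to sources outside an approved list. It is an added example, not part of the original slides. The input follows the shape of `aws ec2 describe-security-groups` output, and the group IDs, CIDRs and the choice of ports 22 and 3389 are constructed assumptions.

```python
import ipaddress

# Assumption: SSH and RDP are the remote administration ports to protect.
ADMIN_PORTS = (22, 3389)

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "spare-tire", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-0ccc", "GroupName": "legacy", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]},
]}


def covers_port(perm, port):
    """True if the ingress rule lets TCP traffic reach the given port."""
    proto = perm.get("IpProtocol")
    if proto == "-1":            # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)


def whitelisted(cidr, allowed):
    """True if the rule's source range lies entirely inside an approved range."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.version == a.version and net.subnet_of(a) for a in allowed)


def exposed_admin_rules(described, allowed_cidrs):
    """Return (group_id, port, source_cidr) for admin ports open to other sources.

    Rules whose source is another security group (UserIdGroupPairs) are not
    examined here; only CIDR sources are.
    """
    allowed = [ipaddress.ip_network(c) for c in allowed_cidrs]
    findings = []
    for group in described.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in sources:
                if whitelisted(cidr, allowed):
                    continue
                for port in ADMIN_PORTS:
                    if covers_port(perm, port):
                        findings.append((group["GroupId"], port, cidr))
    return findings


if __name__ == "__main__":
    for finding in exposed_admin_rules(SAMPLE_GROUPS, ["203.0.113.0/24"]):
        print(finding)
```
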
Server Monitoring
Alert Notification
DEVOPSHQ.ORG
@NeilUpbeta01
CebuServer.Com
AWSUGPH

Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 

Securing AWS Infrastructure

  • 1. DevCon #2016 Securing AWS Infrastructure
  • 2. About the speaker
      - Neil Alwin Hermosilla
      - Devops Engineer
      - Blogger [https://cebuserver.com]
      - Cebuano Native
      - Ansible Lover
      - Die-hard Debian User
  • 7. Focusing on ...
      - AWS Key Management
      - AWS IAM Management
      - AWS AMI Management
      - AWS Security Groups
      - Server Monitoring
      - Alert Notification
      - Art of Monitoring
  • 11. AWS IAM
      3rd Party Providers
      - Make sure you don’t give full permission to execute unauthorized API calls.
      - Make sure to evaluate permissions every quarter.
      - Use it dedicatedly.
      User
      - Control resource access permission (ACL)
      - Utilize ReadOnly/Full policy
      - Don’t enable “password” (stick with access-key/secret-key)
  • 12. AWS IAM
      Group
      - Group users properly
      - Best practice is to group them by Department/Team:
          - Developer Support
          - QA Engineer
          - Developer Release
          - Business Groups
          - System Admin I
          - Project Managers
          - System Admin II
      Roles
      - Create and use IAM Roles (enabling resource triggers from one or more services). Better than having passwords all over the place.
  • 13. AWS AMI
      - Evaluate preferred distro
      - Evaluate AMI format/type
      - Evaluate AMI builds (components)
      - Evaluate defaults (libraries to be added)
      - Evaluate base software (pre-installed)
      - Initiate a snapshot of the server
      - Use the snapshot to spawn additional machines
  • 15. AWS Security Groups
      Things to be aware of:
      - If an instance is created via classic mode (default), once it’s fired up, there is no way for you to add more security groups to it.
        *BETTER UTILIZE VPC -- SEGREGATE THE NETWORK*
      - Always create a “spare-tire” Security-Group. Remote IP Whitelisting