This document outlines an effective strategy for securely deploying a web application on Amazon Web Services. It recommends: 1) Using multi-factor authentication to securely access the AWS console. 2) Implementing security settings like network access control lists and firewalls. 3) Leveraging services like Identity and Access Management, Simple Notification Service, and CloudWatch to monitor resources and restrict access. The overall strategy enhances security, compliance, and reliability.
Effective use of Amazon Web Services for web deployment
1. Effective use of Amazon Web Services for Web Deployment
By Ghazanfar Latif (Gabe)
gabe@prebinary.com
2. [Architecture diagram, US East Zone. Labels: Amazon Management Console (Security Setting, SNS, Elastic IP, MFA); VPC; EC2 Server; Application tools; Application Data; Server Setup Tools; X509; EBS 1, EBS 2, EBS 3; RDS (Live); RDS (Failover); Availability Zone A; Availability Zone B; Amazon S3; CloudFront; www.xyz.com; cdn.xyz.com. Numbered callouts: 1. MFA, 2. Security Settings, 3. IAM, 4. CloudWatch, 5. SNS, 6. S3 Permission, 7. GovCloud, 8. VPC, 9. SSL, 10. Server Firewall, 11. GPO.]
3. [Architecture diagram, US West Region. Labels: Amazon Management Console (Security Setting, SNS, Elastic IP, MFA); Availability Zone A; VPC; EC2 Server; Kerberos MIT tools; Web EHR App; Apache; PHP; X509; EBS 1, EBS 2, EBS 3; Amazon S3; www.abc.com.]
Security Enabling for Cloud
MFA: We will use a Multi-Factor Authentication device to access the AWS Console in a more secure way.
SNS: We will use the SNS service to provide limited rights of the AWS Management Console to the different developers.
GPO Settings: We set up policies for the different users of the server according to their requirements, which will make the server and data more secure.
Instance Security Settings: We will set up limited access to the EC2 instance for users by allowing and blocking different ports of the instance.
VPC: We will set up a VPC to establish a local area network among the different EC2 instances running in a particular AWS Region, which will make them one step more secure.
Windows Firewall Settings: We will enable Windows Firewall for external access to the server resources, which will also make the EHR one step more secure.
S3 Access: We will set up S3 permissions to limit access to S3 buckets.
GovCloud: We will use a GovCloud EC2 instance for the cloud EHR deployment, which is more secure and fully complies with HIPAA regulations.
CloudWatch: We will set up alarms for resource usage.
SSL Certificate: We will use an SSL certificate for secure and encrypted communication between the client and the EC2 server.
IAM: This service can be used to provide limited access to the Amazon Management Console to different users.
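The "Instance Security Settings" item above limits EC2 access by allowing and blocking ports. As an added example (not part of the original slides), this Python check audits security-group ingress rules in the JSON shape returned by `aws ec2 describe-security-groups` and flags anything other than HTTP/HTTPS that is open to every address. The allowed-port set, the group IDs and the sample rules are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: on the web server only HTTP/HTTPS should be reachable from anywhere.
PUBLIC_OK = {80, 443}

def is_world(cidr):
    """True for 0.0.0.0/0, ::/0 and any other zero-length prefix."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit(groups, public_ok=PUBLIC_OK):
    """Return (group_id, protocol, from_port, to_port) for over-exposed rules."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            if not any(is_world(c) for c in cidrs):
                continue                      # restricted source, not flagged here
            proto = perm.get("IpProtocol")
            if proto == "-1":                 # "-1" = every protocol and port
                lo, hi = 0, 65535
            elif proto in ("tcp", "udp"):
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue                      # ICMP and others: out of scope
            if proto != "tcp" or any(p not in public_ok for p in range(lo, hi + 1)):
                findings.append((group["GroupId"], proto, lo, hi))
    return findings

# Constructed sample data (not from the deck); group IDs are placeholders.
SAMPLE = [
    {"GroupId": "sg-web-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,   # RDP to the world
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    ]},
    {"GroupId": "sg-db-example", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ]},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("open to the Internet:", *finding)
```

A port range such as 80-443 is flagged as a whole, because it exposes every port in between and not just the two web ports.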
Editor's Notes
Design 1: When do we go from a Micro instance to a Large instance?