Cloud Security
AWS IAM least privilege, block public S3 access, security groups, CloudTrail audit logging, GuardDuty.
# AWS Security Best Practices
```bash
# 1. IAM -- Identity and Access Management
aws iam get-account-summary   # counts of users, groups, MFA devices, policies, etc.
# Never use the root account for day-to-day operations
# Create individual IAM users / roles
# Enable MFA on root and on all admin accounts
# Least-privilege policy example: read/write objects in one bucket only
cat > least-privilege-policy.json <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::myapp-bucket/*"
  }]
}
EOF
```
```bash
# 2. S3 Security
aws s3api put-bucket-acl --bucket myapp --acl private
# All four settings are needed to block public access completely:
# the two ACL settings alone still allow a public bucket policy
aws s3api put-public-access-block --bucket myapp \
  --public-access-block-configuration \
  BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true
```
```bash
# 3. Security Groups (stateful, instance-level firewall)
# Allow only the ports a workload needs; never allow 0.0.0.0/0 (any IPv4 source)
# or ::/0 (any IPv6 source) on sensitive ports such as admin and database ports
```
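The check described above, "deny 0.0.0.0/0 on sensitive ports", as an added audit script that is not part of the page. It consumes the JSON shape that `aws ec2 describe-security-groups` returns (`SecurityGroups` -> `IpPermissions`), handles port ranges and the `-1` "all traffic" protocol, and checks both the IPv4 and IPv6 any-source ranges. The `SENSITIVE_PORTS` table is an assumption (the page only says "sensitive ports"), and the sample groups and their ids are constructed so the script runs offline.

```python
"""Audit security-group ingress for sensitive ports open to the whole internet (added example)."""
import json

# Assumption: which ports count as "sensitive"; adjust to the environment.
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL", 6379: "Redis"}
ANY_IPV4, ANY_IPV6 = "0.0.0.0/0", "::/0"


def _open_to_world(perm):
    """True if any IPv4/IPv6 range on this permission is the whole internet."""
    return any(r.get("CidrIp") == ANY_IPV4 for r in perm.get("IpRanges", [])) or any(
        r.get("CidrIpv6") == ANY_IPV6 for r in perm.get("Ipv6Ranges", [])
    )


def _ports_hit(perm):
    """Sensitive ports covered by this permission's port range (all of them for protocol -1)."""
    if perm.get("IpProtocol") == "-1":  # "all traffic": every port, every protocol
        return set(SENSITIVE_PORTS)
    if perm.get("IpProtocol") not in ("tcp", "udp"):
        return set()
    low, high = perm.get("FromPort"), perm.get("ToPort")
    if low is None or high is None:
        return set()
    return {p for p in SENSITIVE_PORTS if low <= p <= high}


def audit_security_groups(describe_output):
    """Return sorted, de-duplicated (group_id, port, service) findings."""
    findings = set()
    for sg in describe_output.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            if not _open_to_world(perm):
                continue
            for port in _ports_hit(perm):
                findings.add((sg["GroupId"], port, SENSITIVE_PORTS[port]))
    return sorted(findings)


# Constructed sample in describe-security-groups format (group ids are made up).
SAMPLE = json.loads("""{
  "SecurityGroups": [
    {"GroupId": "sg-web-example", "IpPermissions": [
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
       "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
      {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
       "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []}
    ]},
    {"GroupId": "sg-bad-example", "IpPermissions": [
      {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
       "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
      {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
    ]}
  ]
}""")

if __name__ == "__main__":
    for group_id, port, service in audit_security_groups(SAMPLE):
        print(f"{group_id}: {service} (port {port}) open to the world")
```

The web group passes: HTTPS from anywhere is not in the sensitive set, and its SSH rule is restricted to a private range. The second group is flagged on every sensitive port because a 0-65535 TCP range and an all-traffic rule each cover them all.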
```bash
# 4. CloudTrail (audit log of all API calls)
# The target bucket needs a bucket policy that lets CloudTrail write to it;
# a multi-region trail with log file validation is the usual production setting
aws cloudtrail create-trail --name mytrail --s3-bucket-name audit-logs
aws cloudtrail start-logging --name mytrail
```
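CloudTrail is only useful if something reads it. As an added example (not from the page), the detection below runs two of the page's rules, "never use root" and "enable MFA", over CloudTrail records: it alerts on any API call made with root credentials and on any successful console sign-in without MFA. It uses the real CloudTrail fields `userIdentity.type`, `eventName`, `responseElements.ConsoleLogin` and `additionalEventData.MFAUsed`; the records themselves are constructed, with documentation-range IP addresses, and would normally come from the `Records` array of a delivered log file.

```python
"""Detection over CloudTrail records: root usage and console logins without MFA (added example)."""
import json


def detect(records):
    """Return a list of (eventTime, rule, detail) alerts for the given CloudTrail records."""
    alerts = []
    for record in records:
        ident = record.get("userIdentity", {})
        when = record.get("eventTime", "?")
        source = record.get("sourceIPAddress")
        # Rule 1: any API call made with root credentials
        if ident.get("type") == "Root":
            alerts.append((when, "root-usage", f"{record.get('eventName')} from {source}"))
        # Rule 2: successful console sign-in where MFA was not used
        if (
            record.get("eventName") == "ConsoleLogin"
            and record.get("responseElements", {}).get("ConsoleLogin") == "Success"
            and record.get("additionalEventData", {}).get("MFAUsed") == "No"
        ):
            who = ident.get("userName") or ident.get("type")
            alerts.append((when, "console-login-no-mfa", f"{who} from {source}"))
    return alerts


# Constructed records in CloudTrail format (timestamps and addresses are made up).
SAMPLE_RECORDS = json.loads("""[
  {"eventTime": "2024-01-01T09:00:00Z", "eventName": "ConsoleLogin",
   "userIdentity": {"type": "IAMUser", "userName": "alice"},
   "sourceIPAddress": "203.0.113.10",
   "responseElements": {"ConsoleLogin": "Success"},
   "additionalEventData": {"MFAUsed": "Yes"}},
  {"eventTime": "2024-01-01T09:05:00Z", "eventName": "ConsoleLogin",
   "userIdentity": {"type": "Root"},
   "sourceIPAddress": "198.51.100.7",
   "responseElements": {"ConsoleLogin": "Success"},
   "additionalEventData": {"MFAUsed": "No"}},
  {"eventTime": "2024-01-01T09:06:00Z", "eventName": "CreateUser",
   "userIdentity": {"type": "Root"},
   "sourceIPAddress": "198.51.100.7"},
  {"eventTime": "2024-01-01T09:10:00Z", "eventName": "ConsoleLogin",
   "userIdentity": {"type": "IAMUser", "userName": "bob"},
   "sourceIPAddress": "203.0.113.11",
   "responseElements": {"ConsoleLogin": "Failure"},
   "additionalEventData": {"MFAUsed": "No"}}
]""")

if __name__ == "__main__":
    for when, rule, detail in detect(SAMPLE_RECORDS):
        print(f"{when} {rule}: {detail}")
```

Alice's MFA-backed login and Bob's failed attempt produce nothing; the root console login without MFA raises both rules at once, and the root `CreateUser` call that follows raises the root-usage rule again, which is exactly the sequence a defender wants paged on.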
```bash
# 5. AWS Security Hub (centralised findings)
# AWS GuardDuty (threat detection, ML-based)
# AWS Inspector (vulnerability assessment)
```