5 Securing your system: IAM, security groups, and VPC

 

This chapter covers

  • Who is responsible for security?
  • Keeping your software up-to-date
  • Controlling access to your AWS account with users and roles
  • Keeping your traffic under control with security groups
  • Using CloudFormation to create a private network

If security is a wall, you’ll need a lot of bricks to build that wall, as shown in figure 5.1. This chapter focuses on the following four most important bricks to secure your systems on AWS:

5.1 Who’s responsible for security?

 
 
 

5.2 Keeping the operating system up-to-date

 
 
 

5.3 Securing your AWS account

 
 
 

5.3.1 Securing your AWS account’s root user

 
 
 

5.3.2 AWS Identity and Access Management (IAM)

 
 

5.3.3 Defining permissions with an IAM identity policy

 
 
 

5.3.4 Users for authentication and groups to organize users

 
 

5.3.5 Authenticating AWS resources with roles

 
 

5.4 Controlling network traffic to and from your virtual machine

 
 
 
 

5.4.1 Controlling traffic to virtual machines with security groups

 
 
 

5.4.2 Allowing ICMP traffic

 

5.4.3 Allowing HTTP traffic

 
 
 
 

5.4.4 Allowing HTTP traffic from a specific source IP address

 

5.4.5 Allowing HTTP traffic from a source security group

 

5.5 Creating a private network in the cloud: Amazon Virtual Private Cloud (VPC)

 
 

5.5.1 Creating the VPC and an internet gateway (IGW)

 
 
 