1 Introduction to AWS security


This chapter covers

  • Understanding the shared responsibility model
  • Using AWS-native security services
  • Adapting to working in the cloud

The public cloud is growing fast, and AWS is a huge part of that. There seems to be an endless stream of blog posts, whitepapers, and case studies about companies moving to AWS. I’m sure you’ve heard the common refrains about high availability, pay-for-use, and rapid development. Of all the reasons we’ve heard for moving to the cloud, the most contentious is security.

Is it really more secure to run your applications on AWS? Some people seem to think so, like Capital One CIO Rob Alexander, who believes Capital One can “operate more securely in the public cloud than we can in our own data centers.” This is particularly powerful coming from a bank, which certainly has a lot of money riding on getting security right. Several other banks run workloads on AWS as well, like JPMorgan Chase and National Bank of Canada.

1.1 The shared responsibility model

1.1.1 What is AWS responsible for?

1.1.2 What are you responsible for?

1.2 Cloud-native security tools

1.2.1 Identity and access management

1.2.2 Virtual private cloud

1.2.3 And many more

1.3 A new way of operating

1.3.1 Speed of infrastructure development

1.3.2 Shifting responsibilities

1.4 Conclusion