In the AWS cloud, spinning up servers, databases, load balancers and the rest of the 100+ services can be done in a matter of minutes. It has never been easier to design powerful cloud architectures with seamless integration of many services. While enjoying these services, we must not forget that security is of paramount importance to any production-level application. In terms of security, AWS offers a shared responsibility model.
AWS is responsible for the security of the physical infrastructure within its data centers across the globe. An AWS customer is responsible for the security of their own application. As shown in the above diagram, there are many areas that a customer must secure:
- User Data
- Access Management
- Network Security
- Data encryption: client-side, server-side and network traffic
The Center for Information Security (CIS) has well-defined recommendations for securing AWS applications. This paper is called the AWS CIS Foundations Benchmark, and it is a must-read!
AWS provides different tools and services to tighten up the security of cloud applications. It is the customer's responsibility to use them to secure the areas mentioned above.
Written by: Manoj Fernando, Associate Tech Lead, 99X Technology