AWS Security Cookbook

As a security consultant, securing your infrastructure by implementing policies and following best practices is critical. This cookbook discusses practical solutions to the most common problems related to safeguarding infrastructure, covering services and features within AWS that can help you implement security models such as the CIA triad (confidentiality, integrity, and availability), and the AAA triad (authentication, authorization, and availability), along with non-repudiation. The book begins with IAM and S3 policies and later gets you up to speed with data security, application security, monitoring, and compliance. This includes everything from using firewalls and load balancers to secure endpoints, to leveraging Cognito for managing users and authentication. Over the course of this book, you'll learn to use AWS security services such as Config for monitoring, as well as maintain compliance with GuardDuty, Macie, and Inspector. Finally, the book covers cloud security best practices and demonstrates how you can integrate additional security services such as Glacier Vault Lock and Security Hub to further strengthen your infrastructure.

Book contents:

  1. Managing AWS Accounts with IAM and Organizations

  2. Securing Data on S3 with Policies and Techniques

  3. User Pools and Identity Pools with Cognito

  4. Key Management with KMS and CoudHSM

  5. Network Security with VPC

  6. Working with EC2 Instances

  7. Web Security using ELBs, Cloudfront and WAF

  8. Monitoring with CloudWatch, Cloudtrail and Config

  9. Compliance with GuardDuty, Macie and Inspector

  10. Additional Services and Practices for AWS Security