Secure your Amazon Web Services (AWS) infrastructure with permission policies, key management, and network security, while following cloud security best practices

Key Features

Explore useful recipes for implementing robust cloud security solutions on AWS

Monitor your AWS infrastructure and workloads using CloudWatch, CloudTrail, Config, GuardDuty, and Macie

Prepare for the AWS Certified Security - Specialty exam by exploring various security models and compliance offerings

Purchase of the print or Kindle book includes a free PDF eBook

Book DescriptionAs a security consultant, implementing policies and best practices to secure your infrastructure is critical. This cookbook discusses practical solutions for safeguarding infrastructure, covering services and features within AWS that help implement security models, such as the CIA triad (confidentiality, integrity, and availability) and the AAA triad (authentication, authorization, and accounting), as well as non-repudiation. This updated second edition starts with the fundamentals of AWS accounts and organizations. The book then guides you through identity and access management, data protection, network security, and encryption. You'll explore critical topics such as securing EC2 instances, managing keys with KMS and CloudHSM, and implementing endpoint security. Additionally, you'll learn to monitor your environment using CloudWatch, CloudTrail, and AWS Config, while maintaining compliance with services such as GuardDuty, Macie, and Inspector. Each chapter presents practical recipes for real-world scenarios, allowing you to apply security concepts. By the end of this book, you'll be well versed in techniques required for securing AWS deployments and be prepared to gain the AWS Certified Security – Specialty certification.What you will learn

Manage AWS accounts and users with AWS Organizations and IAM Identity Center

Secure data and infrastructure with IAM policies, RBAC, and encryption

Enhance web security with TLS, load balancers, and firewalls

Use AWS services for logging, monitoring, and auditing

Ensure compliance with machine-learning-powered AWS services

Explore identity management with Cognito, AWS directory services, and external providers such as Entra ID

Follow best practices to securely share data across accounts

Who this book is for

If you're an IT security professional, cloud security architect, or a cloud application developer working on security-related roles and are interested in using AWS infrastructure for secure application deployments, then this Amazon Web Services book is for you. You'll also find this book useful if you're looking to achieve AWS certification. Prior knowledge of AWS and cloud computing is required to get the most out of this book.

]]>