Best Security Practices

0

What are some of the best security practices, so far I know of:

  1. Use MFA for root acount
  2. Use a key pair for any instance
  3. Setup HTTPS version of the site

Is there any pages that can let me to proper setup?

5 Answers
2

Please review Security Pillar of AWS Well-Architected Framework - The focus of this paper is the security pillar of the AWS Well-Architected Framework. It provides guidance to help you apply best practices, current recommendations in the design, delivery, and maintenance of secure AWS workloads. https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html

profile pictureAWS
EXPERT
Deep_K
answered 2 years ago
0

Very important, Always create EC2 instance privately, meaning in inbound, it should be accessible from interval server only within AWS and no one should be abled to access it directly.

  • Plus, Always use proper security for bucket and never keep it public unless its required.
  • If you are an Admin user and want to create another user then never give full permission to that user and give only required permission
  • Apart from security group inbound rules, you can also use Network ACLs which is high level of security to control traffic so incase if security group missed any filter then Network ACLs can again filter out the traffic.
answered 2 years ago
  • I understand, only web server can be accessed from outside. The rest should be accessed from the webcli

0

There are many things to describe security for AWS console and AWS well architecture frame work some are listed

  1. VPC must b private
  2. Subnet with private and public multi AZ with using NAT gateway
  3. if using RDS it should be private and only can accessible with private VPC or linked resources with private VPV and if you want to connect it remotely so use open vpn
  4. Always user and make roles and policy to use any AWS service in side of any other Aws service

And many more you can see in this given link https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/security.html

answered 2 years ago
0

Hi! Great question.

This is a long and complex answer as there are many best security practices for operating securely in AWS. Keep in mind there's no comprehensive checklist, more recommendations and best practices that will help you in your secure cloud journey!

This AWS Whitepaper is a great read on security responsibility and the shared responsibility model: https://docs.aws.amazon.com/whitepapers/latest/aws-overview/security-and-compliance.html

For starters (and the well-architected framework,

jsonc
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions