When architecting your VPC, you should aim to layer your infrastructure between subnets; this allows you to layer your security, with each having its own defined set of restrictions. This also allows you to group similar infrastructures together, which in turn allows you to be more restrictive with each set of NACL and security group rules.
Implementing layers in your VPC
by Stuart Scott, Gabriel Ramirez
AWS Certified Solutions Architect - Associate Guide
- Title Page
- Copyright and Credits
- Dedication
- Packt Upsell
- Contributors
- Preface
- Introducing Amazon Web Services
- AWS Global Infrastructure Overview
- Elasticity and Scalability Concepts
- Technical requirements
- Sources of failure
- Dividing and conquering
- Virtualization technologies
- LAMP installation
- Scaling the web server
- Resiliency
- EC2 persistence model
- Disaster recovery 
- Cascading deletion
- Bootstrapping
- Scaling the compute layer
- Scaling a database server
- Summary
- Further reading
- Hybrid Cloud Architectures
- Resilient Patterns
- Event Driven and Stateless Architectures
- Integrating Application Services
- Disaster Recovery Strategies
- Storage Options
- Matching Supply and Demand
- Introducing Amazon Elastic MapReduce
- Web Scale Applications
- Understanding Access Control
- Encryption and Key Management
- An Overview of Security and Compliance Services
- AWS Security Best Practices
- Technical requirements
- Shared responsibility model
- Data protection
- Virtual Private Cloud
- Identity and Access Management
- Avoid sharing identities
- Using MFA for privileged users
- Using roles
- Password policy
- Assigning permissions to groups instead of to individual users
- Rotating your access keys
- Assigning permissions according to the rule of least privilege
- Re-evaluating permissions and deleting accounts
- Do not use the root account as an operational user
- EC2 security
- Security services
- Summary
- Further reading
- Web Application Security
- Cost Effective Resources
- Working with Infrastructure as Code
- Automation with AWS
- Introduction to the DevOps practice in AWS
- Mock Test 1
- Mock Test 2
- Assessment
- Another Book You May Enjoy
Implementing layers in your VPC
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.