AWS IAM Best Practices Delete AWS account root access keys Create individual

Aws iam best practices delete aws account root access

This preview shows page 120 - 130 out of 224 pages.

AWS IAM Best Practices Delete AWS account (root) access keys. Create individual IAM users. Use groups to assign permissions to IAM users. Grant least privilege. Configure a strong password policy. Enable MFA for privileged users.
Image of page 120
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS IAM Best Practices (continued) Use roles for applications that run on Amazon EC2 instances. Delegate by using roles instead of by sharing credentials. Rotate credentials regularly. Remove unnecessary users and credentials. Use policy conditions for extra security. Monitor activity in your AWS account.
Image of page 121
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS CloudTrail Records AWS API calls for accounts. Delivers log files with information to an Amazon S3 bucket. Makes calls using the AWS Management Console, AWS SDKs, AWS CLI, and higher-level AWS services. AWS CloudTrail Amazon S3 bucket Logs
Image of page 122
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Knowledge Check Q: Your web application needs to read/write an Amazon DynamoDB table and an Amazon S3 bucket. This operation requires AWS credentials and authorization to use AWS services. What IAM entity should be used? User Group Role Policy A: Role
Image of page 123
End of AWS Security, Identity, and Access Management © 2019 Amazon Web Services, Inc. or its affiliates. All rights reserved. This work may not be reproduced or redistributed, in whole or in part, without prior written permission from Amazon Web Services, Inc. Commercial copying, lending, or selling is prohibited. Corrections or feedback on the course, please email us at: [email protected] For all other questions, contact us at: https ://aws.amazon.com/contact-us/aws-training/. All trademarks are the property of their owners.
Image of page 124
AWS Elasticity and Management
Image of page 125
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Triad of Services 136 Latency Utilization Amazon CloudWatch Auto Scaling Elastic Load Balancing Auto Scaling group Execute scaling policy
Image of page 126
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Elastic Load Balancing Distributes traffic across multiple EC2 instances, in multiple Availability Zones Supports health checks to detect unhealthy Amazon EC2 instances Supports the routing and load balancing of HTTP, HTTPS, SSL, and TCP traffic to Amazon EC2 instances 137 Elastic Load Balancing
Image of page 127
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Classic Load Balancer: How It Works Register instances with your load balancer. Load balancer routes request at either: Transport layer (TCP) Application layer (HTPP/HTTPS) Intended for applications build within the EC2-Classic network Recommendation for new applications is to use Application Load Balancer or Network Load Balancer 138 Availability Zone A Availability Zone B load balancer X
Image of page 128
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Image of page 129
Image of page 130

You've reached the end of your free preview.

Want to read all 224 pages?

  • Summer '19
  • Amazon Web Services, Amazon Elastic Compute Cloud

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture