Cloud Security is a main theme of #NoDrama DevOps and here is a curated set of posts that will help you learn about it.
Preparing for a Cloud Migration
If you are trying to discover the Security topics and resources needed to prepare for a Cloud Migration, see:
- Which career path to the Cloud?
- Building Security Skills for a Cloud Migration
- On the Deceitful Complexity of Cloud Security (takeaway: you can do it!)
Critical AWS Security Architecture Topics
First a bit about the problem of managing access in AWS:
AWS accounts and the structure of your AWS organization are a critical aspect of AWS Security Architecture. The AWS account is the primary and strongest partition for separating identities and protecting resources in the Cloud. See these posts for a detailed discussion:
Patterns that solve common problems:
Establishing Enterprise-wide guardrails for activities in AWS:
- Improving Enterprise Security and Compliance with AWS Organizations
- Starting Carefully with Service Control Policy
As your deployments grow, you’ll be left wondering why X can’t access Y; here’s How to debug ‘AccessDenied’ errors in AWS.
You’ll also need to understand The First Secret Problem, how applications establish their identity, and how to deliver secrets such as passwords and API keys to them. I researched and published a report on the State of Application Secret Delivery and Audit Practices (2019q3). You can start by learning the fundamental problems and solutions.
If you would like some private, personalized guidance on these topics, consider a Guidance Engagement.
Receive #NoDrama articles in your inbox whenever they are published. Reply to Stephen and the QualiMente team when you want to dig deeper into a topic.