Shared Responsibility In Action
-
Upload
mark-nunnikhoven -
Category
Software
-
view
451 -
download
0
Transcript of Shared Responsibility In Action
TRADITIONAL ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization
SHARED ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization Security Groups
Network ConfigMore info on the model is available at hּמp://aws.amazon.com/security
SHARED ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization Security Groups
Network Config
Verify
Compliance information available at hּמp://aws.amazon.com/compliance
BETTER SERVICE TYPES
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Infrastructure Abstract Container
SERVICE Examples
Fantastic reference by AWS’ Mark Ryland at hּמp://4mn.ca/ZZeDbA
Service Type *aaS
SQS, S3, Route53 Abstract SaaS
RDS, EMR, OpsWorks Container PaaS
EC2, EBS, VPC Infrastructure IaaS
ACTIONS TO TAKE
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Nothing for cloud-native architectures Manage availability
For EC2
Nothing for Multi-AZ instances Standard maintenance window for single instances
For RDS
ACTIONS TO TAKE
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Select a non-affected cipher suiteFor ELB
Enable TLS_FALLBACK_SCSV Disable support for SSL 3.0*
For Web Servers
More info on bash is available at hּמp://www.gnu.org/soﬞware/bash/