
AWS Security Architect

Experienced AWS, GCP and Azure Security Architect

  • AWS IAM
  • AWS Network Security
  • control tower
  • Data Analytics and data Processing
  • EC2 Security
  • PaaS Security
  • Risk Factors
  • S3 Security

Extending your AD to AWS – AD on EC2 Instances

anuj varma, September 25, 2022 (2022-09-25T07:38:41+00:00), AWS IAM, 1 Comment
Also read: Limited IAM Admin in AWS. A very common use case - either to provide ease of addressing of AWS…

Accessing PaaS Services on AWS via Endpoints

anuj varma, September 25, 2022 (2022-09-25T07:20:18+00:00), PaaS Security, No Comment
Also read: Which PaaS services require VPCs. AWS services like EC2, RDS, and ElastiCache come with an Elastic Network Interface (ENI), which enables communication from…

Limited IAM Admin in AWS

anuj varma, September 25, 2022 (2022-09-25T06:48:58+00:00), AWS IAM, 2 Comments
Often, we need to pare down the credentials of an IAM admin. This can be accomplished by creating a custom IAM policy for the restricted admin. What about a limited…

Testing your VPN Tunnel in AWS

anuj varma, September 25, 2022 (2022-09-25T06:20:11+00:00), AWS Network Security, No Comment
The idea is for all your private subnets to route via the VPN Tunnel. Create a custom route table shown below for the first private subnet.…

AWS SSM Connect for no ingress EC2 instances

anuj varma, September 25, 2022 (2022-09-25T06:20:21+00:00), EC2 Security, 1 Comment
No Ingress EC2 is a great security option to completely block off all access to an EC2 instance. How, then, will management users connect to this instance? This is a…

AWS DDOS Protection

anuj varma, September 24, 2022 (2022-09-24T16:26:17+00:00), AWS Network Security, No Comment
AWS Shield: A managed Distributed Denial of Service (DDoS) protection service. It detects and automatically mitigates attacks that could potentially result in downtime for your application. A DDoS attack results…

Protecting EC2 instances on AWS – Basic EC2 Security

anuj varma, September 24, 2022 (2022-09-25T06:19:10+00:00), EC2 Security, No Comment
Also read: No Ingress EC2 Instances. Here are a couple of simple, yet often ignored, best practices around EC2 instance access. Access to EC2 instances via Systems Manager Only (Management…

Routes in AWS – Destinations and Targets

anuj varma, September 24, 2022 (2022-09-29T18:09:12+00:00), AWS Network Security, No Comment
Also read: Palo Alto East West and Ingress Egress Filtering - on GCP and AWS. Routes in AWS Overview - Destinations versus Targets. Routes are composed…

AWS – Which PaaS services require a VPC?

anuj varma, September 24, 2022 (2022-10-12T14:40:18+00:00), PaaS Security, 1 Comment
Several PaaS services use the compute platform (compute engine on GCP and EC2 on AWS). These services ARE actually part of your VPC - even though it may seem like…

AWS SSO Groups and Root Users

anuj varma, September 24, 2022 (2022-09-24T08:39:46+00:00), AWS IAM, No Comment
How do SSO groups work in an AWS organization? How do you restrict root users at lower levels in an organization? AWS SSO Groups and Permission Sets: Users use their…

Copyright ©2025. AWS Security Architect