Date post: | 14-Jul-2015 |
Category: |
Software |
Upload: | mark-nunnikhoven |
View: | 449 times |
Download: | 0 times |
TRADITIONAL ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization
SHARED ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization Security Groups
Network ConfigMore info on the model is available at hּמp://aws.amazon.com/security
SHARED ResponsibilitY
Physical Operating SystemInfrastructure ApplicationNetwork DataVirtualization Security Groups
Network Config
Verify
Compliance information available at hּמp://aws.amazon.com/compliance
BETTER SERVICE TYPES
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Infrastructure Abstract Container
SERVICE Examples
Fantastic reference by AWS’ Mark Ryland at hּמp://4mn.ca/ZZeDbA
Service Type *aaS
SQS, S3, Route53 Abstract SaaS
RDS, EMR, OpsWorks Container PaaS
EC2, EBS, VPC Infrastructure IaaS
ACTIONS TO TAKE
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Nothing for cloud-native architectures Manage availability
For EC2
Nothing for Multi-AZ instances Standard maintenance window for single instances
For RDS
ACTIONS TO TAKE
From AWS’ Mark Ryland talk at hּמp://4mn.ca/ZZeDbA
Select a non-affected cipher suiteFor ELB
Enable TLS_FALLBACK_SCSV Disable support for SSL 3.0*
For Web Servers
More info on bash is available at hּמp://www.gnu.org/soﬞware/bash/