Best practices for KMS – Identity and Access Management – Securing Users, Roles, and Policies

Inline policies – Identity and Access Management – Securing Users, Roles, and Policies

9 August, 2024 Kennedy Kincaid 0 Comments 6 categories

Inline policies Apart from managed policies, AWS also offers inline policies. An inline policy is a policy that is directly embedded in a single user, group, or role. They are not standalone like managed policies…

Encryption – Data Protection – Encryption, Key Management, and Data Storage Best Practices

5 June, 2024 Kennedy Kincaid 0 Comments 3 categories

Encryption S3 offers two primary types of encryption: SSE and CSE. They can both support BYOKs and AWS-managed keys. SSE SSE is the most straightforward of the two, where data is encrypted at rest within…

EFS filesystems – Data Protection – Encryption, Key Management, and Data Storage Best Practices

9 March, 2024 Kennedy Kincaid 0 Comments 4 categories

EFS filesystems Amazon EFS is a scalable file storage solution for use with both AWS services and on-premises resources. Given its shared nature and the potential for multiple resources to access it simultaneously, ensuring data…

Creating and managing IAM policies – Identity and Access Management – Securing Users, Roles, and Policies

9 December, 2023 Kennedy Kincaid 0 Comments 4 categories

Creating and managing IAM policies Crafting and managing IAM policies is an art that requires precision, understanding, and continuous monitoring. As AWS environments evolve, so do the requirements for permissions. In this subsection, we will…

Troubleshooting and debugging IAM policies – Identity and Access Management – Securing Users, Roles, and Policies

17 September, 2023 Kennedy Kincaid 0 Comments 5 categories

Troubleshooting and debugging IAM policies Despite meticulous planning, there will be times when IAM policies don’t behave as anticipated. AWS CloudTrail is invaluable in these situations. It logs all AWS API calls, providing insights into…

Forcing encryption with a specified KMS key – Identity and Access Management – Securing Users, Roles, and Policies

6 May, 2023 Kennedy Kincaid 0 Comments 5 categories

Forcing encryption with a specified KMS key Imagine that you are managing a multi-tenant AWS environment. Each IAM user represents a tenant and has a tenant tag indicating their tenant ID. Each KMS key is…

Centralized IAM management – Identity and Access Management – Securing Users, Roles, and Policies

9 March, 2023 Kennedy Kincaid 0 Comments 6 categories

Centralized IAM management For expansive organizations with numerous AWS accounts, centralizing IAM management is not just beneficial – it is essential. It fosters consistency, trims administrative tasks, and bolsters security. With AWS Organizations providing the…

Best practices for multi-account IAM – Identity and Access Management – Securing Users, Roles, and Policies

9 November, 2022 Kennedy Kincaid 0 Comments 3 categories

Best practices for multi-account IAM Managing IAM across multiple AWS accounts requires a strategic approach. Here are some important best practices to consider: Clear account structure: Organize AWS accounts based on function or organizational structure.…

Types of encryption supported by AWS – Data Protection – Encryption, Key Management, and Data Storage Best Practices

8 May, 2022 Kennedy Kincaid 0 Comments 4 categories

Types of encryption supported by AWS AWS offers a range of encryption options, each tailored to address specific operational, security, and compliance requirements in various situations. This section delves into the various encryption methodologies supported…

Key features – Data Protection – Encryption, Key Management, and Data Storage Best Practices

9 December, 2021 Kennedy Kincaid 0 Comments 4 categories

Key features Here are some of the most relevant features of the AWS Encryption SDK: Data key caching: One of the standout features of the SDK is its ability to cache data keys. This means…

Category: Best practices for KMS