AWS Security & Identity Services

HTTP Flood Attack Notification using AWS Lambda, Amazon EventBridge and CloudWatch Logs Insights

2024-01-25T05:04:59+00:00

We can do almost everything on the web now: selling clothes, ordering food, posting videos, holding business meetings, attending online classes, you name it. Running a website is rewarding but also hard, especially when bad actors want to mess with it. One sneaky way is an "HTTP Flood Attack," where your website gets bombarded with too many requests. This can slow down or even break your site. Detecting and responding to such attacks promptly is crucial for maintaining the availability and performance of your applications. In this blog post, we'll explore how to implement a simple [...]

Managing Amazon GuardDuty Security Findings Across Multiple Accounts

2023-05-02T05:23:52+00:00

In our previous article, we discussed how GuardDuty can help organizations monitor their workloads and AWS accounts for malicious activity and how to monitor findings with Amazon CloudWatch Events. Imagine that your organization has multiple AWS accounts for different workloads, teams, and projects. With every account, you need to monitor GuardDuty findings individually. It will be quite difficult for your security team to monitor these findings while constantly switching between AWS accounts. Amazon GuardDuty supports the consolidation of these findings to one AWS account. For example, your organization has 10 AWS accounts. All you have to do is to [...]

Monitoring GuardDuty Findings with Amazon CloudWatch Events

2023-05-27T08:47:29+00:00

Large-scale cyber attacks are becoming normal in this age of interconnectivity. As we rely more and more on cloud technologies, companies are looking to tap into digital innovations to improve their businesses. Cyber attacks cost companies millions of dollars in downtime, not to mention the possibility of lawsuits whenever an attack occurs. It is imperative that security teams have the means to prevent, detect, and respond to threats so that the security of their workloads in AWS is airtight. Amazon GuardDuty was released during the 2017 re:Invent conference. Amazon GuardDuty is an agentless threat detection service that [...]

AWS Secrets Manager vs Systems Manager Parameter Store

2023-06-23T05:17:07+00:00

Managing the security of your applications is an integral part of any organization, especially for infrastructure deployed in the cloud. One aspect of application security is how parameters such as environment variables, database passwords, API keys, product keys, etc. are stored and retrieved. As a best practice, secret information should not be stored in plain text or embedded inside your source code. It is also recommended to set up an automated system to rotate passwords or keys regularly (which [...]

Amazon Cognito User Pools vs Identity Pools

2023-06-23T05:00:39+00:00

With the proliferation of smartphones in our connected world, more and more developers are quickly deploying their applications on the cloud. One of the first challenges in developing applications is allowing users to log in and authenticate on your applications. There are multiple stages involved in user verification, and most of these are not visible to the end user. AWS provides an easy solution for this situation. User identity verification is at the core of Amazon Cognito. It provides solutions for three key areas of user identification: [...]

Locking your Glacier Vault using the Amazon S3 Glacier API

2023-06-05T03:07:24+00:00

What is Amazon S3 Glacier Vault Lock? A Glacier vault can be described as a container for your archived objects in S3 Glacier. To begin using Amazon S3 Glacier, you need a vault. Creating and deleting vaults can be easily done in the AWS Management Console, but interacting with them requires you to use the APIs. For example, let's say you want to upload images or log files to your vault. To do so, you would either use the AWS CLI or write code that would upload these objects. Large corporations often have compliance requirements for how they store their [...]

Amazon S3 Bucket Policies for VPC Endpoints

2023-06-05T03:11:03+00:00

Amazon S3 and Amazon VPC Relationship: Amazon S3 is a versatile object storage solution that boasts virtually unlimited storage capacity. You can expect that your files will be durably stored in S3 given that AWS provides an SLA for this service. When creating your S3 bucket, AWS provides you with a unique bucket URL that you can use to access your S3 bucket directly from the public internet, if you have public access enabled. Amazon S3 is a service that is not used within a VPC. This means that traffic does not pass through VPC resources such as internet gateways [...]

Amazon Detective

2023-06-23T07:02:45+00:00

Amazon Detective Cheat Sheet: The service automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations. Can be integrated with AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub as well as partner security products to identify potential security issues, or findings. Amazon Detective can analyze trillions of events from multiple data sources such as VPC Flow Logs, AWS [...]

Customer Master Key (CMK) Policy Management in AWS KMS

2023-06-07T04:11:41+00:00

What is a Customer Master Key (CMK)? In security, a master key is what you use to encrypt all other encryption keys in your system. Customer master keys are logical representations of a master key. They are the primary resources in AWS KMS. The CMK contains the key material used to encrypt and decrypt data. It also contains metadata such as the key ID, creation date, description, and key state. You can start using AWS KMS through the web console or via API. There are two types of CMKs that you can create in AWS KMS: symmetric CMK and asymmetric [...]

Working with Customer Master Keys (CMKs) using the AWS KMS API

2023-06-07T03:39:53+00:00

What is AWS Key Management Service? AWS Key Management Service (or KMS for short) is the service you use to securely store your encryption keys in AWS. If you need data encryption on your AWS resources, such as EBS volumes or RDS databases, you can use AWS KMS to simplify the process. You start using the service by requesting the creation of a customer master key, or CMK. By default, AWS KMS creates the key material for your CMK. You also have the option of importing your own keys to AWS if you wish. Note that during [...]
