“It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.” — Charles Darwin

“DevOps is a set of practices that seeks to reduce the gap between software development and software operation.”

AWS Techniques

VPC
- Use the Terraform VPC module to abstract away the complexity of network resources.

AWS Firewall options
Choose your firewall options as per AWS Firewalls 101

Understanding IAM policies
AWS IAM Policies with Examples
IAM
AWS IAM Policies in a Nutshell
AWS IAM Breakdown… and common mistakes!
AWS IAM – Looking at some of the more advanced features
How to configure a production-grade AWS account structure
5 Things You Should Be Doing in IAM Right Now
Elevating Permissions in AWS IAM
Why is AWS IAM So Hard?
The ABCs of IAM: Managing permissions with Serverless

Also, don't forget service control policies in AWS Organizations
Using Terraform to Secure Your AWS Organizations
AWS Multi-Account Architecture with Terraform, Yeoman, and Jenkins
AWS Organizations pro tips

Process to write, test and deploy IAM policies.
See Tips for Creating IAM Policies
IAM Policy Reference
AWS Services That Work With IAM
AWS ARNs and AWS Service Namespaces
1. Google for “Limiting Access to AWS X Service” and then modify the policy.
2. Generate Policy
AWS Policy Generator
3. Test Policy
Testing IAM policies with the IAM policy simulator
4. S3 Bucket Policies
Add a Deny section to deny any IAM roles
Why protecting data in S3 is hard and a least-privilege bucket policy to help
5. Deploy with Terraform
- run tfsec to do static analysis
- terraform apply
- test that it's working.

Tools
Security tools to help write and test IAM policies
Security tools to monitor security, i.e. security operations.
AWS Console - Visual Policy Editor
Creating IAM policies
AWS Policy Generator (static website)
AWS Policy Generator
IAM policy simulator
Testing IAM policies with the IAM policy simulator
Testing an S3 policy using the AWS IAM Simulator
iamctl
New IAMCTL tool compares multiple IAM roles and policies
aws-iam-policy-tool
tilfin/aws-iam-policy-tool
aws-iam-policy-tool
policy sentry
Policy Sentry Documentation
Policy Sentry Tutorial
automated security testing.
aws-iam-tester
AWSume
AWSume: AWS Assume Made Awesome!

Security
AWS Firewalls 101
Security architecture anti-patterns
How can we integrate security into the DevOps pipelines?
AWS S3 Security Guide
Moving Fast and Securing Things - The SDL at Slack and goSDL
A guide to tagging resources in AWS
setting up an ssl certificate using aws and terraform
critical devops interview questions and how to answer them
A year in Production with the Hashistack
Serverless Patterns
Creating cloud governance in an agile world

Other
The Hitchhiker's Guide to AWS ECS and Docker
Terraform EKS Cluster Operations - github sample
Terraform AWS EKS Introduction
A Whole Year of Amazon EKS
Deploying Helm Charts w. Terraform
Troubleshooting Kubernetes: The Beginner's Guide
AWS VPC Core Concepts in an Analogy and Guide
What's a Silo? (and why they ruin everything)
Self-Service Operations
