DevOps on AWS: Everything You Need to Know

DevOps is renowned for fast methodologies, increased security (in the form of DevSecOps), as well as the quick and easy scalability of software development projects. These advantages make it essential for companies to embrace the DevOps culture as a guarantee of future success and growth. 

At the heart of this change, we have Amazon and its pioneering cloud offering, Amazon Web Services. Being the most popular in the market means Amazon has some of the best services, infrastructure, locations, and support available. The number of trained professionals in AWS DevOps is also the highest among the big three: Google Cloud Platform, Microsoft Azure, and AWS.

How to Use AWS IAM Role on AWS EKS PODs

How It Works

It’s possible to attach an IAM role to a Kubernetes POD without using third-party software, such as kube2iam and kiam. This is thanks to the integration between AWS IAM and Kubernetes ServiceAccounts, following the approach of IAM Roles for Service Accounts (IRSA).

Attach IAM Role to the Kubernetes POD
Using an IAM Role in a Kubernetes POD

Benefits

There are quite a few benefits of using IRSA with Kubernetes PODs.

9 AWS Security Best Practices: Securing Your AWS Cloud

The digitalization drive has become the dominating trend, with computer technologies penetrating all spheres of social and personal life in the modern world. Alongside ushering innumerable benefits, the ubiquitous advent of IT devices has brought serious concerns in its wake. One of the most pressing questions that worries both individuals and organizations is, “How secure is my virtual data?”

Public anxiety is continuously fed by reports of security breaches and data leakages that cost companies a pretty penny. Their financial losses manifest an ever-growing pattern, with businesses having to spend (or waste?) millions of dollars to redress gruesome consequences. For example, Desjardins Group lost over $50 million to cover for the data leakage of their clientele, and Norsk Hydro had to fork out $75 million to eliminate the effects of a cyberattack. Such exorbitant losses are rare, but IBM experts believe that on average, corporate victims of cybercrime have to foot a bill equal to $4 million. Because of such appalling statistics, many organizations prioritize establishing the cybersecurity of their IT environment. Even the malicious onslaught of the global pandemic didn’t relegate security considerations to a secondary place, with companies reluctant to cut down on the security strategy enforcement expenditures.

Enforcing and Monitoring Security on AWS S3

I am an avid follower of the AWS Online Tech Talks YouTube channel. It is a useful way to stay up-to-date on new or existing AWS features and services; I find it helpful to refresh and retain knowledge. Recently, I encountered a webinar about AWS S3 security, which triggered me to relook at my S3 policies and settings. I decided to consolidate some S3 security features and properties. In this article, I'll discuss the changes I made, along with some examples and my two cents.

What’s the Incentive?

Typically, in my day-to-day use of S3, security and permissions are not being changed regularly. In most cases, we set the security definitions at the time the S3 bucket is created and then forget about it. We do not bother to revalidate these security settings periodically.

Overview of AWS Security Tools and Processes

Here are some of the tools in AWS's security infrastructure.

Any time a company moves/transmits confidential or proprietary information or data, there is always that nagging concern about security. Internal IT specialists do their best to secure the premises. Employees are trained and often barred from using company devices for personal purposes. Third-party contractors are scrutinized for their security measures. Still, data breaches occur – big ones sometimes.