The Security pillar focuses on protecting information, systems, and assets while delivering business value through risk assessments and mitigation strategies. Security is foundational — a compromised system cannot reliably deliver any of the other pillars.
The Security pillar is guided by seven design principles:
Implement the principle of least privilege and enforce separation of duties with appropriate authorisation for each interaction with your AWS resources. Centralise identity management and aim to eliminate reliance on long-term static credentials.
Monitor, alert on, and audit actions and changes to your environment in real time. Integrate log and metric collection with systems that automatically respond and take action.
Rather than relying on a single perimeter, apply defence in depth. Apply security controls at every layer — edge network, VPC, load balancer, instance, operating system, and application.
Automated software-based security mechanisms improve your ability to securely scale more rapidly and cost-effectively. Create secure architectures and implement controls that are defined and managed as code in version-controlled templates.