Prashant Priyam - Cloud Security Automation

Copyright 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin George
Acquisition Editor: Rohit Rajkumar
Content Development Editor: Nithin Varghese
Technical Editor: Khushbu Sutar
Copy Editors: Safis Editing, Laxmi Subramanian
Project Coordinator: Virginia Dias
Proofreader: Safis Editing
Indexer: Aishwarya Gangawane
Graphics: Tom Scaria
Production Coordinator: Shraddha Falebhai

First published: March 2018

Production reference: 1270318

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-78862-786-3

www.packtpub.com

mapt.io

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

• Improve your learning with Skill Plans built especially for you

• Get a free eBook or video every month

• Mapt is fully searchable

• Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.

At www.PacktPub.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributors

About the author

Prashant Priyam is an astute professional with a great deal of experience in cloud technologies, specifically requirement analysis, solution architecture, design, and delivery. He also has experience in cloud services and solutions, cloud consultancy and deployment, and data center services.

This book is dedicated to my mom, papa, and Prasun bhaiya, for their endless love and support. Thanks to Shivani, Gajanan, and my colleagues at Velocis for their comments, feedback, and support.
To all my friends, who always forced me to look beyond boundaries and go the extra mile.

About the reviewers

Fabio Alessandro Locati, commonly known as Faleis the director of Otelia, a public speaker, author, and open source contributor. His main areas of expertise are Linux, automation, security, and cloud technologies. Fale has over 12 years, working experience in IT; many of those years were spent consulting for many companies, including dozens of Fortune 500 companies. This has allowed him to consider technologies from different points of view and to develop critical thinking about them.

Deep Mehta is currently working as a DevOps engineer in the San Francisco Bay Area. He is currently working with different clients to help them to improve their CI/CD and DevOps cycles. He helps them to follow the microservices pattern and create resilient and fault tolerant infrastructure. Deep is mainly interested in distributed systems, containers, data science, and the cloud. He also worked as a reviewer on the book, Learning Continuous Integration with Jenkins.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Preface

Security is critical for organizations when they are planning to run, or are already running, their workload on the cloud. On the cloud, security also comes under the sharing responsibility model, where the cloud provider and cloud consumer have defined boundaries for their security responsibilities based on cloud services (IaaS, PaaS, or SaaS).

On a private cloud, one has to take complete responsibility for security, from physical components to the application itself.

In addition to security, organizations also have to meet compliance requirements if they are applicable.

Although there are different sets of security tools and services available on AWS, it's always the customers'/users' responsibility to use these tools and services effectively to ensure the security of their data and applications and to meet compliance requirements.

This book is a comprehensive learning guide to securing your cloud account's structure in AWS and the OpenStack environment. It also gives you insight on how DevOps processes can help you to automate the security processes.

Who this book is for

This book is targeted at DevOps engineers, security professionals, and any stakeholders responsible for securing cloud workloads. Prior experience with AWS or OpenStack will be an advantage.

What this book covers

, Introduction to Cloud Security, helps you understand cloud security models for the public cloud (AWS) and OpenStack at different levels for different services.

, Understanding the World of Cloud Automation, introduces the basics of automation, the automation process, tools and requirements, and the benefits of cloud automation.

, Identity and Access Management in the Cloud, gives you an in-depth understanding of IAM and other AWS services, such as Inspector, WAF, HSM, and Certificate Manager, in order to improve security.