Security and Microservice Architecture on AWS

Book description

Security is usually an afterthought when organizations design microservices for cloud systems. Most companies today are exposed to potential security threats, but their responses are often more reactive than proactive. This leads to unnecessarily complicated systems that are hard to implement and even harder to manage and scale. Author Gaurav Raje shows you how to build highly secure systems on AWS without increasing overhead.

Ideal for cloud solution architects and software developers with AWS experience, this practical book starts with a high-level architecture and design discussion, then explains how to implement your solution in the cloud while ensuring that the development and operational experience isn't compromised. By leveraging the AWS Shared Responsibility Model, you'll be able to:

  • Develop a modular architecture using microservices that aims to simplify compliance with various regulations in finance, medicine, and legal services
  • Introduce various AWS-based security controls to help protect your microservices from malicious actors
  • Leverage the modularity of the architecture to independently scale security mechanisms on individual microservices
  • Improve the security posture without compromising the autonomy or efficiency of software development teams

Table of contents

  1. Preface
    1. Goals of This Book
    2. Who Should Use This Book
    3. Conventions Used in This Book
    4. Using Code Examples
    5. O’Reilly Online Learning
    6. How to Contact Us
    7. Acknowledgments
  2. 1. Introduction to Cloud Microservices
    1. Basics of Cloud Information Security
      1. Risk and Security Controls
      2. Organizational Security Policy
      3. Security Incidents and the CIA Triad
      4. AWS Shared Responsibility Model
    2. Cloud Architecture and Security
      1. Security Through Modularity
      2. Security Through Simplicity
      3. Security Through Fully Managed AWS Services
      4. Blast Radius, Isolation, and the Locked Rooms Analogy
      5. Defense-in-Depth and Security
      6. Security Through Perimeter Protection
      7. Security Through Zero Trust Architecture
    3. A Brief Introduction to Software Architecture
      1. Tier-Based Architecture
      2. Domain-Driven Design
    4. Microservices
    5. Implementation of Microservices on AWS
      1. Container-Based Microservice Architecture
      2. A Very Brief Introduction to Kubernetes
      3. Function as a Service: FaaS Using AWS Lambda
    6. Overview of Cloud Microservice Implementation
      1. Amazon EKS
      2. Amazon EKS Fargate Mode
      3. Function as a Service Using AWS Lambda
      4. Microservice Implementation Summary
    7. Examples of Microservice Communication Patterns
      1. Example 1: Simple Message Passing Between Contexts
      2. Example 2: Message Queues
      3. Example 3: Event-Based Microservices
    8. Summary
  3. 2. Authorization and Authentication Basics
    1. Basics of AWS Identity and Access Management
      1. Principals on AWS
      2. IAM Policies
      3. Principle of Least Privilege
      4. PoLP and Blast Radius
      5. Structure of AWS IAM Policies
      6. Principal-Based Policies
      7. Resource-Based Policies
      8. The Zone of Trust
      9. Evaluation of Policies
    2. Advanced Concepts in AWS IAM Policies
      1. IAM Policy Conditions
      2. AWS Tags and Attribute-Based Access Control
      3. “Not” Policy Elements: NotPrincipal and NotResource
      4. Wrapping Up IAM Policies
    3. Role-Based Access Control
      1. RBAC Modeling
      2. Securing Roles
      3. Assuming Roles
      4. Assume Roles Using the AWS Command-Line Interface (CLI)
      5. Switching Roles Using AWS Management Console
      6. Service-Linked Role
    4. Authentication and Identity Management
      1. Basics of Authentication
      2. Identity Federation on AWS
      3. Identity Federation Using SAML 2.0 and OpenID Connect
    5. RBAC and Microservices
      1. Execution Roles
      2. RBAC with AWS Lambda
      3. RBAC with EC2 and the Instance Metadata Service
      4. RBAC with Amazon EKS Using IAM Roles for Service Accounts
    6. Summary
  4. 3. Foundations of Encryption
    1. Brief Overview of Encryption
      1. Why Is Encryption Important on AWS?
      2. Why Is Encryption Important for Microservice Architectures?
      3. Encryption on AWS
      4. Security Challenges with Key-Based Encryption
      5. Business Problem
    2. AWS Key Management Service
      1. Basic Encryption Using CMK
      2. Envelope Encryption
      3. Envelope Encryption in Action
    3. Security and AWS KMS
      1. KMS Contexts and Additional Authenticated Data
      2. Key Policies
      3. Grants and ViaService
      4. CMK and Its Components and Supported Actions
      5. Regions and KMS
      6. Cost, Complexity, and Regulatory Considerations
    4. Asymmetric Encryption and KMS
      1. Encryption and Decryption
      2. Digital Signing (Sign and Verify)
    5. Domain-Driven Design and AWS KMS
      1. Contextual Boundaries and Encryption
      2. Accounts and Sharing CMK
      3. KMS and Network Considerations
      4. KMS Grants Revisited
    6. KMS Accounts and Topologies: Tying It All Together
      1. Option 1: Including the CMK Within Bounded Contexts
      2. Option 2: Using a Purpose-Built Account to Hold the CMK
    7. AWS Secrets Manager
      1. How Secrets Manager Works
      2. Secret Protection in AWS Secrets Manager
    8. Summary
  5. 4. Security at Rest
    1. Data Classification Basics
    2. Recap of Envelope Encryption Using KMS
    3. AWS Simple Storage Service
      1. Encryption on AWS S3
      2. Access Control on Amazon S3 Through S3 Bucket Policies
      3. Amazon GuardDuty
      4. Nonrepudiation Using Glacier Vault Lock
    4. Security at Rest for Compute Services
      1. Static Code Analysis Using AWS CodeGuru
      2. AWS Elastic Container Registry
      3. AWS Lambda
      4. AWS Elastic Block Store
      5. Tying It All Together
    5. Microservice Database Systems
      1. AWS DynamoDB
      2. Amazon Aurora Relational Data Service
    6. Media Sanitization and Data Deletion
    7. Summary
  6. 5. Networking Security
    1. Networking on AWS
      1. Controls
      2. Understanding the Monolith and Microservice Models
      3. Segmentation and Microservices
      4. Software-Defined Network Partitions
    2. Subnetting
      1. Routing in a Subnet
      2. Gateways and Subnets
      3. Public Subnet
      4. Private Subnet
      5. Subnets and Availability Zones
      6. Internet Access for Subnets
    3. Virtual Private Cloud
      1. Routing in a VPC
      2. Microsegmentation at the Network Layer
    4. Cross-VPC Communication
      1. VPC Peering
      2. AWS Transit Gateway
      3. VPC Endpoints
      4. Wrap-Up of Cross-VPC Communication
    5. Firewall Equivalents on the Cloud
      1. Security Groups
      2. Security Group Referencing (Chaining) and Designs
      3. Properties of Security Groups
      4. Network Access Control Lists
      5. Security Groups Versus NACLs
    6. Containers and Network Security
      1. Block Instance Metadata Service
      2. Try to Run Pods in a Private Subnet
      3. Block Internet Access for Pods Unless Necessary
      4. Use Encrypted Networking Between Pods
    7. Lambdas and Network Security
    8. Summary
  7. 6. Public-Facing Services
    1. API-First Design and API Gateway
    2. AWS API Gateway
      1. Types of AWS API Gateway Endpoints
    3. Securing the API Gateway
      1. API Gateway Integration
      2. Access Control on API Gateway
      3. Infrastructure Security on API Gateway
    4. Cost Considerations While Using AWS API Gateway
    5. Bastion Host
      1. Solution
    6. Static Asset Distribution (Content Distribution Network)
      1. AWS CloudFront
      2. Signed URLs or Cookies
      3. AWS Lambda@Edge
    7. Protecting Against Common Attacks on Edge Networks
      1. AWS Web Application Firewall
      2. AWS Shield and AWS Shield Advanced
      3. Microservices and AWS Shield Advanced
      4. Cost Considerations for Edge Protection
    8. Summary
  8. 7. Security in Transit
    1. Basics of Transport Layer Security
      1. Digital Signing
      2. Certificates, Certificate Authority, and Identity Verification
      3. Encryption Using TLS
    2. TLS Termination and Trade-offs with Microservices
      1. TLS Offloading and Termination
    3. Cost and Complexity Considerations with Encryption in Transit
    4. Application of TLS in Microservices
      1. Security in Transit While Using Message Queues (AWS SQS)
      2. gRPC and Application Load Balancer
      3. Mutual TLS
    5. A (Very Brief) Introduction to Service Meshes: A Security Perspective
      1. Proxies and Sidecars
      2. App Mesh Components and Terminology
      3. TLS and App Mesh
      4. mTLS Revisited
      5. AWS App Mesh: Wrap-Up
    6. Serverless Microservices and Encryption in Transit
      1. AWS API Gateway and AWS Lambda
      2. Caching, API Gateway, and Encryption in Transit
    7. Field-Level Encryption
    8. Summary
  9. 8. Security Design for Organizational Complexity
    1. Organizational Structure and Microservices
      1. Conway’s Law
      2. Single Team Oriented Service Architecture
      3. Role-Based Access Control
      4. Privilege Elevation
      5. Permission Boundaries
      6. Permission Boundaries to Delegate Responsibilities
    2. AWS Accounts Structure for Large Organizations
      1. AWS Accounts and Teams
      2. AWS Organizations
      3. Organizational Units and Service Control Policies
      4. Purpose-Built Accounts
    3. AWS Tools for Organizations
      1. AWS Organizations Best Practices
      2. AWS Resource Access Manager
      3. Shared Services Using AWS RAM
      4. AWS Single Sign-On
      5. Enforcing Multifactor Authentication in Accounts
    4. Simplifying a Complex Domain-Driven Organization Using RBAC, SSO, and AWS Organizations
    5. Summary
  10. 9. Monitoring and Incident Response
    1. NIST Incident Response Framework
      1. Step 1: Design and Preparation
      2. Step 2: Detection and Analysis
      3. Step 3: Containment and Isolation
      4. Step 4: Forensic Analysis
      5. Step 5: Eradication
      6. Step 6: Postincident Activities
    2. Securing the Security Infrastructure
      1. Securing a CloudTrail
      2. Purpose-Built Accounts
    3. Summary
  11. A. Terraform Cloud in Five Minutes
    1. Setup
      1. Creating Your Workspace
      2. Adding AWS Access and Secret Key
    2. Terraform Process
      1. Providers
      2. State
      3. Plans
      4. Apply
    3. Writing Your Terraform Infrastructure as Code
      1. Root Module and Folder Structure
      2. Input Variables
      3. Resources
      4. Running and Applying Your Plan
  12. B. Example of a SAML Identity Provider for AWS
    1. A Hands-On Example of a Federated Identity Setup
      1. Step 1: Configure Your IdP
      2. Step 2: Export Metadata to Be Imported into AWS Account
      3. Step 3: Add Your SAML IdP as a Trusted IdP
      4. Step 4: Create a Role That Your Federated Users Can Assume to Interact with Your AWS Account
      5. Step 5: Control Access to Multiple Roles Using Custom Attributes Within the IdP
    2. Summary
  13. C. Hands-On Encryption with AWS KMS
    1. Basic Encryption Using the CMK
    2. Basic Decryption Using the CMK
    3. Envelope Encryption Using the CMK
    4. Decrypting an Envelope Encrypted Message
  14. D. A Hands-On Example of Applying the Principle of Least Privilege
    1. Step 1: Create an AWS IAM Policy for Your Task
    2. Step 2: Define the Service, Actions, and Effect Parameters of an IAM Policy
    3. Step 3: Define the Resource
    4. Step 4: Request Conditions
    5. Step 5: Confirm the Resulting Policy
    6. Step 6: Save the Policy
    7. Step 7: Attach the Policy to a Principal
    8. Summary
  15. Index

Product information

  • Title: Security and Microservice Architecture on AWS
  • Author(s): Gaurav Raje
  • Release date: September 2021
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781098101466