Securing Your AWS Account
The first step in securing your application is making sure your AWS account is secure. No application safeguards in the world will be effective if an attacker can just log into your AWS account and turn them off.
In fact, if your AWS account becomes compromised, more than just a single application would be at risk. Accidentally allowing an attacker to access your AWS account can be an expensive mistake. Anyone who gains access to it could, for example, spin up hundreds of g2.8xlarge EC2 instances and mine for bitcoins until you discover what’s going on. There have been cases of people writing bots to check public GitHub accounts for AWS credentials to do this very thing. So before we talk about application security, ...
Get Serverless Single Page Apps now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.