Archives for Cloud Computing - Page 2
Inbound and Outbound on Firewall Rules – Forward and Reverse Proxies
INBOUND refers only to the INITIATOR of the connection, as does OUTBOUND. So, when we say we are opening up port 443 outbound, we are essentially saying that…
Cloud Health for Kubernetes Clusters and VMs
Tying an Azure Subscription (or AWS account) to Cloud health portal: You have two options (for Azure). Either use an EA (get an Enrollment ID from your EA) and use…
Cost Optimization Tools
I wrote previously about cloud pre-migration assessment tools (Movere, ). Once you are in the cloud, you would need something called a 'Cost Optimization' tool. These tools can range from…
Delete Default VPCs in AWS using bash
Default VPCs, with their default NACLs, all need to be removed. To delete default VPCs in a region, one needs to first delete any IGWs, any NAT gateways etc.…
Enabling Encryption on Existing EBS volumes or RDS Instances
RDS encryption: RDS encryption can only be set up during initial creation. If you need to do it after the fact, the correct process is to create a snapshot, encrypt the…
Production Data Copy Options on the Public Cloud
The Use Case: Often, a copy of production data (in a database) is needed in a non-production environment (in the public cloud). This would entail moving data…
Security Hub Notification emails – Severity Level Filtered
Also read - Securing S3 buckets. How do I send out a custom email for all the config violations (all the Security Hub events) that arise in my account? Use…
Cloudflare for S3 Content Protection
Ever thought about protecting your S3 workloads just the same as your compute workloads (behind a WAF)? Cloudflare on AWS can be used to serve S3 content. The…
OUs and Security
Also read AWS Security Risk Factors and AWS Security Audits - Roles, Policies and GCP, Azure Equivalents. Your Account Hierarchy: Ensure that you have set up an org hierarchy -…
AWS Data Life Cycle Management Policies
Tags created by DLM (these are used to distinguish the resource tags from tags created otherwise): aws:dlm:lifecycle-policy-id, aws:dlm:lifecycle-schedule-name, aws:dlm:expirationTime, dlm:managed. Types of DLM Policies: Snapshot lifecycle policy— Most Common. These help…