AWS IAM
Before cloud services like AWS, Azure, or Google Cloud were available, cyber security was very different. Companies needed to build their own data centers or rent space from hosting companies to deploy their own servers somewhere else. Virtual security for those enterprise data centers was based on one fundamental idea: keep the bad actors out.
As seen in Figure 7.1, the main security perimeter for an enterprise was created using a firewall between the cloud (everything external to the enterprise) and the enterprise servers. Within the enterprise data center, an internal firewall would also separate the trusted part of the network from the Demilitarized Zone (DMZ), where the public-facing servers, such as web and mail servers, would reside:
Figure 7.1 – Security before the cloud
In a typical scenario, a user would try to access a web application from Acme and connect to its web server. The user would then log in to the web server and...