Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from AWS Security Cookbook Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS

Product type Paperback

Published in Feb 2020

Publisher Packt

ISBN-13 9781838826253

Length 440 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Security

Author (1):

Heartin Kanikathottu

View More author details

Table of Contents (12) Chapters

Preface

1. Managing AWS Accounts with IAM and Organizations

2. Securing Data on S3 with Policies and Techniques FREE CHAPTER

3. User Pools and Identity Pools with Cognito

4. Key Management with KMS and CloudHSM

5. Network Security with VPC

6. Working with EC2 Instances

7. Web Security Using ELBs, CloudFront, and WAF

8. Monitoring with CloudWatch, CloudTrail, and Config

9. Compliance with GuardDuty, Macie, and Inspector

10. Additional Services and Practices for AWS Security

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Using key policies with conditional keys

In this recipe, we will learn how to use key policies, especially with key policy conditions. Resource-based policies attached to CMKs are called key policies. For managing access to KMS resources, we can use key policies alone, or we can use IAM policies and grants along with key policies.

In general, permissions policies specify the resources that access has to be provided to, what actions are provided, and who gets those permissions. We can attach policies to IAM identities such as users, groups, roles, and more, called IAM policies, or to services such as S3, KMS, and more, which are known as resource-based policies.

Getting ready

We need an S3 bucket to complete this recipe. I...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Kanikathottu

Heartin Kanikathottu is an accomplished cloud architect renowned for leading technological transformations in cloud computing and security at prestigious organizations. He is also a prolific author recognized globally, with his book, AWS Security Cookbook, First Edition, being named the eighth best in cloud computing by BookAuthority in 2020. His impressive career includes roles as founder of Trainso and Coding Architect Canada, vice president at Morgan Stanley, principal architect at Societe Generale, and cloud and security architect at VMware. He has also worked at TCS, SAP Ariba, and IG Group. He holds over 15 professional certifications from Microsoft, Amazon, Oracle, Pivotal, and IBM, and dual master's degrees in cloud computing and data analytics. He is also a regular speaker at many technical forums.

See other products by Kanikathottu