Build Systems that Drive Business
June 11–12, 2018: Training
June 12–14, 2018: Tutorials & Conference
San Jose, CA

Deploy security controls for serverless apps with infrastructure-as-code tools

Luis Colon (Amazon Web Services)
3:40pm–4:20pm Wednesday, June 13, 2018
Building Secure Systems, Continuous Delivery
Location: LL21 E/F Level: Intermediate
Secondary topics: Resilient, Performant & Secure Distributed Systems
Average rating: ****.
(4.25, 4 ratings)

Prerequisite knowledge

  • A basic understanding of serverless functions and typical dependent cloud resources in AWS implementations
  • Experience or awareness of AWS monitoring, logging, and infrastructure-as-code services (useful but not required)

What you'll learn

  • Explore monitoring and logging controls can be automatically deployed using infrastructure-as-code tools, particularly in serverless deployments

Description

Infrastructure-as-code tools can be used to automate the deployment of serverless functions and dependent resources in production environments, and the same tools can be used to deploy controls like monitoring and logging for these serverless applications. The Center for Internet Security (CIS) publishes benchmarks which provide consensus-based configuration guidelines developed by experts in US government, business, industry, and academia. Organizations can use these benchmarks to help assess and improve security controls.

Luis Eduardo Colon demonstrates where monitoring and logging controls can be automatically deployed using infrastructure as code tools and how to best integrate this automation with serverless deployments. You’ll learn about the CIS AWS Foundations Benchmark V1.1.0, discover how accounts can be hardened, how to implement continuous monitoring capabilities, and what controls cannot be fully automated, and explore security considerations for serverless applications.

Photo of Luis Colon

Luis Colon

Amazon Web Services

Luis Eduardo Colon is a senior developer advocate for CloudFormation at Amazon Web Services. Previously, Luis was chief architect for TeamQuest and director of research and development for CDS Global. His areas of interest include DevOps automation, data science, Agile methodologies, and serverless applications. Luis holds a BS in computer engineering from Iowa State University and an MS in data analytics from SNHU.