Best Practices in AWS Application Management - Part 2 - Security

This post is the second in our series on AWS application management and associated best practices. You can find part one of the series here. In this part we are going to look at security and some things that need to be considered when moving your application to the cloud in general and AWS in particular.

Haven't we been doing this forever?

This is the first thing that many IT pros ask when we start talking about security. And the answer is yes, we have and many of those lessons that have been learned continue to apply. However, some things do change when you move to the cloud.

  • You are no longer responsible for physical security.

  • You are no longer responsible for patching the underlying hypervisor.

  • Depedending on the service that you are using, you may not be responsible for OS or application level patching either.

Read More

Best Practices in AWS Management - Part 1

The public cloud in general, and AWS in particular are changing the way that systems administrators think about the infrastructure that they manage and the applications that run on that infrastructure. Things are becoming far less permanent and more ephemeral and temporary. We now deal in instances that last until the next deployment instead of servers that are bought every 3-5 years. We now purpose build resources for an application instead of making a new application fit on existing hardware resources. This requires a new approach and new best practices.

Read More