Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from AWS Security Cookbook Practical solutions for managing security policies, monitoring, auditing, and compliance with AWS

Product type Paperback

Published in Feb 2020

Publisher Packt

ISBN-13 9781838826253

Length 440 pages

Edition 1st Edition

Tools

AWS

Concepts

Cloud Security

Author (1):

Heartin Kanikathottu

View More author details

Table of Contents (12) Chapters

Preface

1. Managing AWS Accounts with IAM and Organizations

2. Securing Data on S3 with Policies and Techniques FREE CHAPTER

3. User Pools and Identity Pools with Cognito

4. Key Management with KMS and CloudHSM

5. Network Security with VPC

6. Working with EC2 Instances

7. Web Security Using ELBs, CloudFront, and WAF

8. Monitoring with CloudWatch, CloudTrail, and Config

9. Compliance with GuardDuty, Macie, and Inspector

10. Additional Services and Practices for AWS Security

11. Other Books You May Enjoy

Leave a review - let other readers know what you think

Granting permissions programmatically with grants

KMS grants can be used to give temporary granular permissions to AWS KMS API operations such as encrypt, decrypt, describe keys, and more. We can use grants to provide access to a user in their own account or even another account. In this recipe, we will grant access to a user so that they can encrypt and decrypt files using AWS KMS.

Getting ready

We need a working AWS account and two users: an administrator user and a user with no permissions. The CLI profiles should be configured for these users. I will be calling these users and their CLI profiles awssecadmin and testuser, respectively.

Create a KMS key by following previous recipes in this chapter. Alternatively, use the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (1)

Kanikathottu

Heartin Kanikathottu is an accomplished cloud architect renowned for leading technological transformations in cloud computing and security at prestigious organizations. He is also a prolific author recognized globally, with his book, AWS Security Cookbook, First Edition, being named the eighth best in cloud computing by BookAuthority in 2020. His impressive career includes roles as founder of Trainso and Coding Architect Canada, vice president at Morgan Stanley, principal architect at Societe Generale, and cloud and security architect at VMware. He has also worked at TCS, SAP Ariba, and IG Group. He holds over 15 professional certifications from Microsoft, Amazon, Oracle, Pivotal, and IBM, and dual master's degrees in cloud computing and data analytics. He is also a regular speaker at many technical forums.

See other products by Kanikathottu