Applying security within AWS requires a layered approach, one of those layers can be centered around your web application infrastructure. Ensuring you implement controls and safeguards against your web applications is essential. By their very nature, they are external facing to the open public and with that comes additional threats and risks. As soon as your services are made available to the public, it will not be long before someone, somewhere will be trying to access your data and application in a malicious and harmful way. This chapter will focus on some of the methods and techniques that can be used to help mitigate such threats and exposures.
The following topics will be covered in this chapter:
- AWS web application firewall (WAF)
- AWS Shield
- AWS Firewall Manager