Innovation never ends, and it is genuinely always Day 1. What was good yesterday is no longer good going forward. This post will highlight a few tips that will help any AWS innovator. Which of these tips are relevant to you? At least 49% of us must implement one of these tips. Read on to see why.
Tip 1 – Change your account access keys
It is not safe to keep account access keys unchanged for long periods. Change all your passwords, credentials and API access keys frequently! Read further below to see a nifty AWS tool that can help you change your account keys.
Tip 2 – Disable root account logins
Delete your AWS root account login, because they provide unrestricted access to your AWS resources. Instead, set up specific IAM users. It does not take long to implement this recommendation and be more secure.
Tip 3 – Do not store passwords in code
AWS provides a nifty tool called AWS Secrets Manager that can help “hide” passwords, but also assist in frequent password rotation. As an example, you can use the AWS Secret Manager to secure your WordPress blog. How? Well, you no longer need to store your database password in the WordPress config file!
Tip 4 – Threat detection is just as important as threat prevention
It is all good and well that you secure your platform, but you also need to know if your platform was compromised. You can use using AWS GuardDuty to detect threats. AWS GuardDuty continuously monitors for malicious activity and behaviour to protect your AWS accounts.
Tip 5 – Use encryption at rest and also in transit
There is no reason why your communications or data cannot be encrypted at rest or in transit. 49% of organisations leave their databases unencrypted*. All the AWS services support encryption of data at rest or in transit.
Tip 6 – Go serverless, where possible
Serverless technology is an excellent way to since it scales with demand automatically. Your existing PHP scripts can become serverless using the AWS Lambda and custom runtimes.
Tip 7 – Use a Content Delivery Network (or CDN)
You can use a CDN for both static/dynamic content and API services. The AWS CloudFront CDN provides many services that will generally make your site or app more responsive. Using a CDN is not expensive and will significantly enhance your customer experience.
Tip 8 – Start using a code repository
A Code repository such as AWS Code Commit allows you to collaborate on code and implement version control. Start using this early and then, later on, develop a mature model to test and deploy code into your production environment continuously.
Tip 9 – Use the right database for the job
Speed up your app by using the correct database for the task at hand. AWS provides several database types supporting relational data but also key-value, in-memory, document, graph or time-series data.
Tip 10 – Don’t be afraid to ask
The AWS support and architecture team are always willing to help. The AWS team were quite friendly, and you will find that no question is a silly question. You can use events like the AWS Summit or many of the other activities that they organise, even if you do not have a paid support plan.
*as per the team at Palo Alto Networks.
What are your tips tips to help any AWS innovator? Let me know and I will add them here for all to share.