Learn to build robust security controls for the infrastructure, data, and applications in the AWS Cloud.


  • Takes a comprehensive layered security approach that covers major use-cases.
  • Covers key AWS security features leveraging the CLI and Management Console.
  • Step-by-step instructions for all topics with graphical illustrations.
  • Relevant code samples written in JavaScript (for Node.js runtime).


If you're looking for a comprehensive guide to Amazon Web Services (AWS) security, this book is for you. With the help of this book, cloud professionals and the security team will learn how to protect their cloud infrastructure components and applications from external and internal threats.

The book uses a comprehensive layered security approach to look into the relevant AWS services in each layer and discusses how to use them. It begins with an overview of the cloud's shared responsibility model and how to effectively use the AWS Identity and Access Management (IAM) service to configure identities and access controls for various services and components. The subsequent chapter covers AWS infrastructure security, data security, and AWS application layer security. Finally, the concluding chapters introduce the various logging, monitoring, and auditing services available in AWS, and the book ends with a chapter on AWS security best practices.

By the end, as readers, you will gain the knowledge and skills necessary to make informed decisions and put in place security controls to create AWS application ecosystems that are highly secure.


  • Learn to create a layered security architecture and employ defense in depth.
  • Master AWS IAM and protect APIs.
  • Use AWS WAF, AWS Secrets Manager, and AWS Systems Manager Parameter Store.
  • Learn to secure data in Amazon S3, EBS, DynamoDB, and RDS using AWS Key Management Service.
  • Secure Amazon VPC, filter IPs, use Amazon Inspector, use ECR image scans, etc.
  • Protect cloud infrastructure from DDoS attacks and use AWS Shield.


The book is intended for cloud architects and security professionals interested in delving deeper into the AWS cloud's security ecosystem and determining the optimal way to leverage AWS security features. Working knowledge of AWS and its core services is necessary.