Basic AWS/Azure Security Concepts

Cyber Security Mastery: From Zero to Hero

Security in Major Cloud Platforms

Regardless of the cloud provider, Identity and Access Management (IAM) is the single most critical security control.

IAM (Identity and Access Management)

  • AWS IAM/Azure AD: These services control who can access which cloud resources and under what conditions.
  • Principle of Least Privilege in Cloud: Do not grant excessive permissions to users or services. A virtual machine should have only the permissions necessary for its intended task, no more.

Network Security Groups (NSG) / Security Groups (SG)

These act as stateful, virtual firewalls for your cloud resources (VMs).

  • Function: Control incoming and outgoing traffic based on IP address, port, and protocol.
  • Security Tip: Never expose management ports (SSH 22, RDP 3389) to the entire internet (0.0.0.0/0). Restrict access to known source IPs, or require a VPN.