Issue link: https://read.uberflip.com/i/1187300
Amazon Web Services – HPC Lens AWS Well-Architected Framework Page 24 Security Pillar The security pillar includes the ability to protect information, systems, and assets while delivering business value through risk assessments and mitigation strategies. Design Principles In the cloud, there are a number of principles that can help you strengthen your system security. HPC workloads often contain and create confidential and sensitive information. AWS security best practices are designed to protect your data. • Implement a principle of least privilege: Ensure that authorization is appropriate for each interaction with your AWS resources and implement strong logical access controls directly on resources. • Focus on securing your system: With the AWS Shared Responsibility Model you can focus on securing your application, data, and operating systems, while AWS provides secure infrastructure and services. • Automate security best practices: Software-based security mechanisms improve your ability to securely scale more rapidly and cost-effectively. Create and save a patched, hardened image of a virtual server, and then use that image automatically on each new server you launch. Create an entire trust zone architecture that is defined and managed in a template via revision control. Automate the response to both routine and anomalous security events. • Limit exposure of sensitive data: HPC data is typically produced within a limited time, allowing for migration of the data from the server to high-availability storage options such as on Amazon S3. This minimizes the possibility of unauthorized access of the data. • Enable traceability: Log and audit all actions and changes to your environment. Definition There are 5 best practice areas for security in the cloud: