Auditing is an important phase that helps an organization ensure that standards are met within its environment. In a traditional data-center environment, the audit covered infrastructure, policies and procedures, users and so on.
When companies use different cloud service providers (CSPs) for Infrastructure as a Service (IaaS), the business model is a shared responsibility model. In this case, it is the organization's responsibility to audit the infrastructure it hosts with the CSP. This blog gives an overview of how to perform a basic audit in the AWS environment.
1. Amazon IAM
This is the most important service in the auditing process. IAM, or Identity and Access Management, keeps track of users, access controls and permissions. An auditor's responsibility here is to ensure that there are no gaps in permissions.
Refer to the blog post below for a detailed IAM audit.
2. Amazon Elastic Compute Cloud (EC2)
In this phase of the audit, the infrastructure architecture is audited. Refer to the blog post below for a detailed audit.
3. Amazon Virtual Private Cloud (VPC)
In this phase the auditor checks the networking (the VPC, in the case of a cloud environment). Refer to the blog post below for a detailed VPC audit process.
4. Amazon CloudWatch
In this phase of the audit, the auditor checks whether proper monitoring mechanisms are in place for the basic EC2 instances.
Refer to the blog post below for a detailed CloudWatch audit process.
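As an added example (not part of the original post), one way to run this check offline: the Python below takes saved output of `aws ec2 describe-instances` and `aws cloudwatch describe-alarms` and lists instances that have no alarm, or only alarms that notify nobody. The JSON samples, instance IDs, account number and the function name `audit_instance_alarms` are constructed for illustration.

```python
import json

# Constructed sample in the shape of `aws ec2 describe-instances` output.
INSTANCES_JSON = """
{"Reservations": [
  {"Instances": [
    {"InstanceId": "i-0aaa1111111111111", "State": {"Name": "running"}},
    {"InstanceId": "i-0bbb2222222222222", "State": {"Name": "running"}}]},
  {"Instances": [
    {"InstanceId": "i-0ccc3333333333333", "State": {"Name": "running"}},
    {"InstanceId": "i-0ddd4444444444444", "State": {"Name": "terminated"}}]}
]}
"""

# Constructed sample in the shape of `aws cloudwatch describe-alarms` output.
ALARMS_JSON = """
{"MetricAlarms": [
  {"AlarmName": "web-cpu-high", "Namespace": "AWS/EC2", "MetricName": "CPUUtilization",
   "ActionsEnabled": true, "AlarmActions": ["arn:aws:sns:us-east-1:111122223333:ops-alerts"],
   "Dimensions": [{"Name": "InstanceId", "Value": "i-0aaa1111111111111"}]},
  {"AlarmName": "db-status-check", "Namespace": "AWS/EC2", "MetricName": "StatusCheckFailed",
   "ActionsEnabled": true, "AlarmActions": [],
   "Dimensions": [{"Name": "InstanceId", "Value": "i-0bbb2222222222222"}]}
]}
"""

def audit_instance_alarms(instances_doc, alarms_doc):
    """Return {instance_id: finding} for live instances lacking an alarm that notifies."""
    status = {}
    for res in instances_doc.get("Reservations", []):
        for inst in res.get("Instances", []):
            if inst["State"]["Name"] != "terminated":
                status[inst["InstanceId"]] = "no alarm"
    for alarm in alarms_doc.get("MetricAlarms", []):
        if alarm.get("Namespace") != "AWS/EC2":
            continue
        # An alarm only counts as monitoring if it is enabled and has a target.
        notifies = alarm.get("ActionsEnabled", False) and bool(alarm.get("AlarmActions"))
        for dim in alarm.get("Dimensions", []):
            if dim["Name"] == "InstanceId" and dim["Value"] in status:
                if notifies:
                    status.pop(dim["Value"])  # covered by a working alarm
                else:
                    status[dim["Value"]] = "alarm without action"
    return status

if __name__ == "__main__":
    findings = audit_instance_alarms(json.loads(INSTANCES_JSON), json.loads(ALARMS_JSON))
    for instance_id, finding in sorted(findings.items()):
        print(instance_id, finding)
```
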
5. Amazon CloudTrail
This phase of the audit is again a check on the monitoring mechanism, where the auditor checks whether proper alarms are set on the critical servers.
Refer to the post below for a detailed CloudTrail audit process.