You're reading from Cloud Security Handbook Effectively secure cloud environments using AWS, Azure, and GCP

Product type Paperback

Published in Apr 2025

Publisher Packt

ISBN-13 9781836200017

Length 482 pages

Edition 2nd Edition

Concepts

Cloud Security

Author (1):

Eyal Estrin

View More author details

Table of Contents (24) Chapters

Preface

1. Part 1:Securing Infrastructure Cloud Services FREE CHAPTER

2. Chapter 1: Introduction to Cloud Security

3. Chapter 2: Securing Compute Services – Virtual Machines

4. Chapter 3: Securing Compute Services – Containers and Kubernetes

5. Chapter 4: Securing Compute Services – Serverless and FaaS

6. Chapter 5: Securing Storage Services

7. Chapter 6: Securing Networking Services – Part 1

8. Chapter 7: Securing Networking Services – Part 2

9. Chapter 8: Securing Generative AI Services

10. Part 2: Deep Dive into IAM, Auditing, and Encryption

11. Chapter 9: Effective Strategies for Implementing IAM Solutions

12. Chapter 10: Auditing and Threat Management in Cloud Environments

13. Chapter 11: Applying Encryption in Cloud Services

14. Part 3: Threat and Vendor Management

15. Chapter 12: Understanding Common Security Threats to Cloud Services

16. Chapter 13: Engaging with Cloud Providers

17. Part 4: Advanced Use of Cloud Services

18. Chapter 14: Managing Hybrid Clouds

19. Chapter 15: Managing Multi-Cloud Environments

20. Chapter 16: Implementing DevSecOps

21. Chapter 17: Security in Large-Scale Environments

22. Index

Why subscribe?

23. Other Books You May Enjoy

Best practices for securing network access to an instance

Access to VMs is protected by network-based access control mechanisms. Network-based access controls are the equivalent of the on-premises layer 4 network firewall or access control mechanism.

Network access refers to the action of connecting to a VM over the network and protecting it from unauthorized access using network access control lists (NACLs) (such as the on-prem firewall).

Network access controls work in one of the following ways:

Stateless – The receiver (for example, a firewall) does not maintain the previous connection’s state (of the client). Suitable for scenarios that require high network speed. It requires the configuration of both inbound and outbound network rules.
Stateful – The receiver (for example, a firewall) maintains the entire connection’s state (of the client). Suitable for scenarios where we need to maintain information about connections between a client...