Ask HN: What does your AWS/Azure/cloud architecture look like?

1 points by freehunter ↗ HN
My day job is an information security consultant. More and more we're being asked to recommend and consult on cloud security. Questions like "what should we be logging?", "should we use EC2 or Elastic Beanstalk?", "should we use AWS Control Tower?". Our team is trying to beef up our cloud skills, but none of us are developers and none of us work in this environment regularly. We're trying to fix that, but the question is what cloud technologies are actually being used, and which ones can we put less emphasis on when we're doing training?

So with that in mind, if your company uses cloud services what technologies are you actually using? If you were hiring a cloud security consultant, what questions would you have?

2 comments

[ 0.22 ms ] story [ 16.2 ms ] thread
Google Cloud all the way, more secure by default and with optimization. Mainly GKE and some other services. We use Istio, gVisor, and SA binding for enhanced security. Need to VPN and container / source scan still.

AWS must be good for your business ;]

Actually of the few clients I've worked with who needed cloud help, the majority have been using Google Cloud. Between AWS, Azure, and Google Cloud, Google seems to be (by far) more difficult to get logs out of and into your security monitoring tools.