There are some very well-known architectural principles for Cloud that apply to security. Unfortunately, there are few industry design frameworks that are accepted for secure Cloud architecture.
CSA's Enterprise Architecture seeks to promote a sound reference architecture with best practices and processes for a secure Cloud. In this post, I'll try to map the CSA Guiding Principles to real-life examples of how we can steer and implement them in our Cloud environments.
There isn't a single "formula" for following and implementing the guidelines, but at the very least we should: determine the overall architecture maturity level of our organisation; look into multi-account or multi-subscription architectures; plan for centralised deployments, with a streamlined central deployment pipeline that incorporates DevSecOps principles; and ensure that all feedback loops and storage controls are optimised.
Below is how I broke those Guiding Principles down into actual real-world practice, showing the concrete steps and the approach taken against each Principle.
Note: Although the following refers to an AWS solution, it should be a fairly straightforward task to translate it to other CSPs' platforms and technologies. I'd also suggest reading the "Security Principle of the month" blog post series, which provides a wide range of ideas and functions for implementing the CSA guidelines.