NORMA eResearch @NCI Library

Provisioning Secure Cloud Environment Using Policy-as-code and Infrastructure-as-code

Tripathi, Ayushi (2023) Provisioning Secure Cloud Environment Using Policy-as-code and Infrastructure-as-code. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration manual]
Preview
PDF (Configuration manual)
Download (2MB) | Preview

Abstract

Cloud capabilities are being embraced and managed throughout the organization, not only by IT personnel. This decentralized system necessitates the development of automated governance methods, since it can be difficult for teams to manually apply and validate compliance, security, or operating regulations. The Center for Internet Security (CIS) Controls reduce the likelihood of data breaches, data leaks, intellectual property theft, and other cyber threats. A solution to automate the deployment of a policy compliant infrastructure by codifying numerous policies across the business, help organizations use Infrastructure as Code and Policy as Code best practices. Terraform which is used as an Infrastructure as Code (IaC) tool is utilised to enable infrastructure provisioning automation which minimizes human error, reduces future risk and saves time and resources for the team.

This work presents an approach for an automated policy compliant secure infrastructure deployed on Amazon Web Service platform using Terraform. The infrastructure is compliant with CIS Amazon Web Services Foundations v1.4.0 and AWS Foundational Security Best Practices v1.0.0. The critical severity policies from CIS Ubuntu Linux 20.04 LTS Benchmarks have been implemented for Elastic Compute (EC2) web server.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Sahni, Vikas
UNSPECIFIED
Uncontrolled Keywords: Center for Internet Security; Terraform; AWS; Security Best Practices
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Cloud computing
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 05 May 2023 15:18
Last Modified: 05 May 2023 15:18
URI: https://norma.ncirl.ie/id/eprint/6549

Actions (login required)

View Item View Item