Useful AWS services as you scale
We recently completed our Well-Architected review and, as part of the remediation, we started utilising some perhaps less-talked-about AWS services.
As your product grows, so too does the architectural complexity.
AWS offers a number of services which can provide valuable insight here.
GuardDuty
GuardDuty is an intelligent threat detection service which continuously monitors your AWS accounts and flags up any suspicious activity.
This can range from attempted brute-force SSH access to someone accessing your services using root credentials, which is not recommended.
It's particularly useful if you have multiple AWS accounts as it creates a central audit log. It also provides steps to fix any issues which are raised.
CloudTrail
CloudTrail monitors and records activity across your entire AWS infrastructure, allowing you to keep an eye on user activity. This becomes increasingly important as your team scales and you need to ensure that access is sufficiently locked down.
SSO (Single Sign-On)
SSO provides you with a centralised place to manage access to your AWS accounts and services. Initially, with a small team of engineers, you may be able to get by using IAM and security tokens, but this becomes harder to manage with a larger team and means you have to implement some form of key rotation.
With SSO, we simply allow developers to access the console using one- and two-factor authentication. From there, they can generate their own temporary credentials for accessing the services they're permitted to use, such as development resources.
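To tie the CloudTrail and SSO sections together, here is an added example (not code from the original post) that audits CloudTrail records for root usage and for long-lived IAM user access keys, the two patterns that moving to temporary credentials is meant to eliminate. The sample records, account ID, user name and role name are constructed for illustration.

```python
import json

# Constructed CloudTrail-style records (sample data, not from a real account).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T09:00:00Z", "eventName": "ConsoleLogin",
     "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"}},
    {"eventTime": "2024-01-01T09:05:00Z", "eventName": "ListBuckets",
     "sourceIPAddress": "203.0.113.10",
     "userIdentity": {"type": "IAMUser", "userName": "ci-deploy",
                      "arn": "arn:aws:iam::111122223333:user/ci-deploy",
                      "accessKeyId": "AKIAEXAMPLEKEY000001"}},
    {"eventTime": "2024-01-01T09:10:00Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "203.0.113.11",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111122223333:assumed-role/DevAccess/alice",
                      "accessKeyId": "ASIAEXAMPLEKEY000002"}},
]})


def audit_cloudtrail(log_text):
    """Return (eventTime, finding, principal, eventName) tuples for risky identities."""
    findings = []
    for rec in json.loads(log_text).get("Records", []):
        ident = rec.get("userIdentity") or {}
        key = ident.get("accessKeyId") or ""
        principal = ident.get("arn", "unknown")
        if ident.get("type") == "Root":
            # Any root activity is worth a look; day-to-day work should not use it.
            finding = "root-credentials-used"
        elif ident.get("type") == "IAMUser" and key.startswith("AKIA"):
            # AKIA = long-term IAM user key; ASIA = temporary STS credentials.
            finding = "long-lived-access-key-used"
        else:
            continue  # temporary credentials from an assumed role pass
        findings.append((rec.get("eventTime"), finding, principal, rec.get("eventName")))
    return findings


if __name__ == "__main__":
    for row in audit_cloudtrail(SAMPLE_LOG):
        print(*row, sep="  ")
```

Run over the log files CloudTrail delivers to S3, the list of long-lived keys still in use shows which users and automation have yet to move to temporary credentials.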