Trend Micro Cloud One™

Ensure a new AWS service added to your existing infrastructure complies with cloud best practices

Relevant users

Technical Team member
DevOps Team member
Security Analyst  
Security Engineer
Compliance Manager  
Project Manager  
Security Team Management
Consultant

Example

I am about to deploy a new service into Dev that my company has no experience with. How can I ensure that we build it securely, and that it will be cost-effective and perform well from day one?

Cloud Conformity Solution

Step 1. Launch the new service using the AWS console, CLI, or CloudFormation.

Hint: If you use a CloudFormation template to manage your infrastructure stack, and have used it to deploy your new AWS service, then use Template Scanner to check that your CloudFormation template is compliant with cloud infrastructure best practices.

Step 2. In Cloud Conformity, open the account containing the new AWS service.

Step 3. The Conformity Bot must run before Cloud Conformity’s rule set is evaluated against the new AWS service’s resources. Either wait for the next scheduled Conformity Bot run or run it manually from the main account dashboard.

After the Conformity Bot run, rule Checks will be accessible in your Cloud Conformity reports. Checks will be displayed as Passed or Failed.

Step 4. Go to the All Checks Report and filter All Checks by the newly launched AWS service.

Hint: If your organisation has a custom governance policy, this can be configured as a Profile and applied to the account. Checks will then reflect this custom rule Profile.

Step 5. Remediate failed checks for the new AWS service using the resolution steps provided in the knowledge base.

Optional: RTM can be enabled for real-time event monitoring of security best practice compliance.

Optional: Make use of Cloud Conformity’s auto-remediation capabilities to automate remediation of failed checks.