Read02 401 - jserpa-p/lisbon-ops-301n1_Reading GitHub Wiki
Compute Abstractions on AWS
These abstractions are designed to simplify the process of creating applications by allowing users to focus on the application itself rather than the underlying infrastructure. Compute abstractions have evolved over time, from bare metal to virtual machines, containers, and serverless computing. It is important to select the appropriate compute abstraction for a specific workload based on factors such as scalability, performance, and cost efficiency.
Article link - https://aws.amazon.com/blogs/architecture/compute-abstractions-on-aws-a-visual-story/
13 Compliance Frameworks For Cloud-Based Organizations
Cloud-based organizations can use various compliance frameworks, 13 in this article, to ensure their operations comply with regulatory requirements: ISO 27001; NIST Cybersecurity Framework; SOC 1; SOC 2; SOC 3; PCI DSS; HIPAA; HITRUST CSF; FedRAMP; FISMA; GDPR; CCPA; APAC Data Privacy Frameworks. Each of the thirteen frameworks is explained in detail, including its scope, key requirements, and benefits for organizations. The article also discusses the challenges and potential pitfalls that organizations may face when implementing these frameworks.
Article link - https://www.horangi.com/blog/13-compliance-frameworks-for-cloud-based-organizations
Cloud Controls Matrix (CCM)
The CSA Cloud Controls Matrix (CCM) is a cybersecurity control framework for cloud computing. CCM can be used to document controls for multiple standards and regulations in one place, clarify the shared responsibility model, assess a cloud service provider, eliminate the need for multiple questionnaires from individual cloud consumers, and submit to the STAR Registry.
For more about this - https://cloudsecurityalliance.org/research/cloud-controls-matrix/
CSA Security Guidance for Critical Areas of Focus in Cloud Computing
The domains which comprise the CSA Guidance are tuned to address both the strategic and tactical security “pain points” within a cloud environment and can be applied to any combination of cloud service and deployment model. The CSA has 25+ research working groups dedicated to creating further guidance and frameworks for these domains. Examples include DOMAIN 1 Cloud Computing Concepts and Architecture, DOMAIN 2 Governance and Enterprise Risk Management, and 23 more.
Article link - https://cloudsecurityalliance.org/research/guidance/
Questions
Explain the levels of abstraction in AWS to someone without a technical background.
At the lowest level of abstraction, you have the raw materials, such as bare metal servers, which give you complete control over the hardware and software but require a lot of experience to set up and manage. The next level of abstraction provides a pre-configured environment that you can use to run your applications without having to worry about the hardware, but it still requires a bit of expertise. The next level allows you to package your application into a container that can be easily deployed and scaled up or down as needed. The last level is like using a serverless service, which allows you to run your application without having to worry about any infrastructure at all.
What are the control plane and data plane responsible for in container abstraction?
The control plane is responsible for the management of containers, while the data plane is responsible for handling the actual data traffic between containers and external networks.
Where does AWS Lambda fall in the layers of abstraction and what makes it so special?
AWS Lambda falls in the highest level of abstraction in AWS. The special part of AWS Lambda is that it enables developers to compile code without worrying about managing servers. It supports a lot of programming languages.