Menu
Real-Time Web Analytics with Kinesis Data Analytics
Real-Time Web Analytics with Kinesis Data Analytics

Security

When you build systems on AWS infrastructure, security responsibilities are shared between you and AWS. This shared model can reduce your operational burden as AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. For more information about security on AWS, visit the AWS Security Center.

Security Group

The security group created in this solution is designed to control and isolate network traffic to the web server Amazon Elastic Compute Cloud (Amazon EC2) instance. The security group allows only traffic from port 80 to the web server.

AWS Systems Manager

The Real-Time Web Analytics with Kinesis Data Analytics beacon web servers are configured to be managed by AWS Systems Manager. By default, AWS Systems Manager pushes the AWS patch baseline to beacon servers once per day. For more information about how to automate beacon server management using Run Command, see AWS Systems Manager Run Command.

HTTPS Websites

This solution deploys an Application Load Balancer to route web client traffic to the beacon servers. For HTTPS websites, we recommend that you leverage HTTPS listeners and create certificates with AWS Certificate Manager (ACM) and deploy it to your load balancer. For more information, see the AWS Certificate Manager User Guide. You will also need to enable port 443 ingress traffic on your ALB security group.