As more organizations move towards a cloud-native architecture (e.g., microservices, containers, orchestration), they come to the realization that their security controls must change as well, moving from perimeter-based to cloud-native. The firewall is dead, and zero trust architecture is here to replace it. Zero trust security is a model in which application components or microservices are treated as discrete from one another, and no component or microservice trusts any other by default. Implementing and migrating towards a zero trust strategy for the cloud is an engineering effort, to say the least, but the payoff is huge in terms of scalability and resilience to attack. We explore the design principles and then illustrate them in reusable reference architectures for AWS, Azure and GCP.
Describe the zero trust model as it applies to cloud architecture and cloud-native applications.
List the threats associated with zero trust architectures.
Plan the migration of a legacy cloud environment to a design based on a zero trust architecture.