Chapter Thirteen · Securing the Cloud
Cloud and Modern Infrastructure Security
Meridian runs in the cloud, and the intruder's easiest wins there aren't exotic exploits — they're misconfigurations: a public bucket, an over-privileged role, an exposed metadata endpoint. This chapter secures Meridian's cloud account and containers, kept vendor-neutral so the principles transfer to any provider.
The cloud does not make security someone else's problem — it splits it, and the customer's half is where nearly every reported cloud breach happens. Those breaches are rarely exotic exploits; they are misconfigurations: a storage bucket left public, a role granted far more than it needs, a metadata endpoint an SSRF can reach. This chapter secures Meridian's cloud the way the data says it actually gets attacked.
Five topics, kept vendor-neutral so the principles transfer to any provider: the shared responsibility model, cloud IAM and misconfiguration, container and Kubernetes security, data protection and secrets, and the attack paths that chain misconfigurations to admin. It builds on the identity (Chapter 3), network (Chapter 4), and web (Chapter 6) foundations rather than repeating them.