AWS for DevOps: Security, Governance, and Validation
2h 41mAdvanced2017-09-08
Authors

Lynn Langit
Cloud Architect
Course details
In this course—which was designed for DevOps professionals working with the AWS cloud—learn about AWS tools and best practices for security, governance, and validation. Instructor Lynn Langit covers different security and governance approaches, including outcome-based validation with service level agreements, outcome-based security with audits, and protecting data in-flight and at-rest. Lynn discusses using AWS tools such as CloudWatch, CloudTrail, and Inspector for security monitoring. Plus, she shows how to use third-party security and governance tools, and shares cost control approaches for AWS service billing. This course can also be used as an exam preparation resource, as it covers the topics in the third domain of the AWS Certified DevOps Engineer exam: Security, Governance, and Validation.
Learning objectives
Security and governance approaches
Service cost predictability
Protecting data in-flight and at-rest
IAM best practices
Security via AWS Inspector, AWS Trusted Advisor, and AWS KMS
Console tools for cost control
Total service costs for AWS
Using the AWS billing dashboard
Third-party security and governance tools
Approaches to security and cost control
Learning objectives
Security and governance approaches
Service cost predictability
Protecting data in-flight and at-rest
IAM best practices
Security via AWS Inspector, AWS Trusted Advisor, and AWS KMS
Console tools for cost control
Total service costs for AWS
Using the AWS billing dashboard
Third-party security and governance tools
Approaches to security and cost control
Skills covered
DevOps FoundationsAmazon Web Services (AWS)AmazonDevOpsCloud ServicesCloud PlatformsCloud ComputingDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Welcome
- 02 - Using cloud services
- 03 - Exercise files
1. Security and Governance Approaches
- 04 - Security and governance approaches
- 05 - Outcome-based validation - SLAs
- 06 - Outcome-based security via audits
- 07 - Service cost predictability
- 08 - IT Governance requirements
- 09 - Protecting data in-flight
- 10 - Protecting data at-rest
2. Security and Governance for Services
- 11 - AWS security IAM objects
- 12 - AWS root IAM user
- 13 - MFA with privileged users
- 14 - AWS IAM policy simulator
- 15 - IAM best practices
- 16 - Security via AWS Certificate Manager
- 17 - Security via AWS KMS
- 18 - Security via AWS WAF and Shield
- 19 - Security via AWS Inspector
- 20 - Security via AWS Trusted Advisor
- 21 - AWS organizations
3. AWS Tools for Security and Governance
- 22 - Console tools for cost control
- 23 - Total service costs for AWS
- 24 - Using the AWS billing dashboard
- 25 - CloudWatch for security and cost control
- 26 - Using CloudTrail logs for security
- 27 - CloudTrail and CloudWatch events
- 28 - Set up and use the AWS CLI or aws-shell
- 29 - AWS CLI for governance
- 30 - Setting up the AWS SDK for Node.js
- 31 - AWS SDK for security
4. Advanced and Third-Party Tools
- 32 - AWS object metadata
- 33 - Third-party security tools
- 34 - Third-party governance tools
- 35 - Approaches to security
- 36 - Approaches to cost control
Conclusion
- 37 - Next steps
Related courses
- AWS Certified DevOps Engineer Professional (DOP-C02) Cert Prep
- HashiCorp Certified: Terraform Associate (004) Cert Prep
- DevSecOps in Action: Securing and Governing Multicloud Infrastructures
- Practical GenAI for AWS DevOps: Efficiently Design, Script, Debug, and Diagnose
- AWS CloudFormation for Beginners
- Introduction to AWS CloudFormation
- DevOps with AWS: Tools for Automated Workflows
- AWS Essential Training for Developers (2022)
Related learn paths
- Prepare for the AWS DevOps Engineer - Professional (DOP-C01) Exam
- Foundations of Cloud Computing: Models, Platforms, Services, and Careers
- Getting Started with DevOps
- Getting Started with Cloud Development
- Prepare for the AWS Certified Developer Associate (DVA-C01) Certification Exam
- Become an AWS Data and DevOps Specialist
- Prepare for the AWS SysOps Administrator - Associate (SOA-C02) Exam
- Infrastructure as Code with Terraform