Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
AWS: Security and Compliance

AWS: Security and Compliance

6h 39mIntermediate2022-05-19

Authors

Sharif Nijim

Sharif Nijim

Assistant Teaching Professor at the University of Notre Dame

Course details

Understanding—and successfully implementing—security concepts is essential to using Amazon Web Services (AWS) as your enterprise solution. In this course, instructor Sharif Nijim couples pragmatic advice with practical examples that show IT pros how to create a secure infrastructure within AWS. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key Identity and Access Management (IAM) concepts, including users, groups, roles, and policies. Discover how to manage access to Simple Storage Service (S3); implement detective controls within AWS, including how to work with AWS Config and GuardDuty; use protective tools such as AWS Shield; and use AWS Key Management Service (KMS) to manage access keys. Plus, learn how to prepare for the inevitable audit of your AWS account(s).

Skills covered

Cloud SecurityAmazon Web Services (AWS)AmazonCloud ServicesCloud PlatformsCert PrepCloud Computing

Concepts

0. Introduction

  • 01 - AWS security overview
  • 02 - What you should know

1. AWS Security Foundations

  • 03 - Understanding shared responsibility
  • 04 - Understanding the AWS security landscape
  • 05 - Understanding separation of duties
  • 06 - Implementing separation of duties
  • 07 - Understanding CloudTrail
  • 08 - Enabling CloudTrail
  • 09 - Understanding Organizations
  • 10 - Installing the command line interface (CLI) for Mac
  • 11 - The command line interface (CLI) for Windows

2. IAM Concepts in AWS

  • 12 - Understanding Identity and Access Management
  • 13 - Understanding IAM policies
  • 14 - Configuring IAM policies
  • 15 - Understanding IAM groups
  • 16 - Configuring IAM groups
  • 17 - Configuring a password policy
  • 18 - Configuring IAM users - Web console
  • 19 - Challenge - IAM
  • 20 - Solution - IAM
  • 21 - Understanding IAM roles
  • 22 - Configuring IAM roles
  • 23 - Validating an IAM role
  • 24 - Understanding Security Token Service
  • 25 - Creating a temporary access role
  • 26 - Creating a temporary access policy
  • 27 - Validating temporary access
  • 28 - Challenge - Super admin
  • 29 - Solution - Super admin
  • 30 - Illustrating access restrictions
  • 31 - Exploring IAM policy simulator
  • 32 - Understanding federated access
  • 33 - Enabling federated access
  • 34 - Securing financial access
  • 35 - Enabling financial access
  • 36 - Understanding Control Tower

3. S3 Access Management

  • 37 - Exploring S3 management options
  • 38 - Accessing S3 privately
  • 39 - Configuring private S3 access
  • 40 - Managing S3 with IAM
  • 41 - Restricting S3 access with IAM
  • 42 - Validating custom IAM S3 policy
  • 43 - Leveraging a custom IAM S3 policy
  • 44 - Creating an S3 bucket policy
  • 45 - Illustrating an S3 bucket policy with the CLI
  • 46 - Understanding S3 access control lists
  • 47 - Understanding public access in S3
  • 48 - Exploring presigned URLs
  • 49 - Reviewing S3 security

4. Key Management

  • 50 - Understanding Key Management Service
  • 51 - Creating a KMS key
  • 52 - Creating a multi-Region KMS key
  • 53 - Using a KMS with S3 objects
  • 54 - Using KMS and an IAM role
  • 55 - Automating KMS key rotation
  • 56 - Deleting a KMS key
  • 57 - Enabling default EBS encryption
  • 58 - Understanding Secrets Manager
  • 59 - Using Secrets Manager
  • 60 - Enabling autorotation with Secrets Manager
  • 61 - Creating a multi-Region secret
  • 62 - Understanding Systems Manager
  • 63 - Using Systems Manager Parameter Store
  • 64 - Understanding AWS CloudHSM

5. Internal Detective Controls

  • 65 - Understanding AWS Config
  • 66 - Enabling AWS Config
  • 67 - Exploring AWS Config results
  • 68 - Using conformance packs
  • 69 - Understanding AWS GuardDuty
  • 70 - Exploring AWS GuardDuty
  • 71 - Understanding Amazon Macie
  • 72 - Configuring a Macie job
  • 73 - Exploring Macie results
  • 74 - Understanding IAM Access Analyzer
  • 75 - Understanding Amazon Detective
  • 76 - Exploring Amazon Detective
  • 77 - Understanding Amazon Inspector
  • 78 - Exploring Amazon Inspector
  • 79 - Resolving an Inspector finding

6. Additional Protective Tools

  • 80 - Understanding Web Application Firewall
  • 81 - Exploring Web Application Firewall
  • 82 - Configuring Web Application Firewall
  • 83 - Validating Web Application Firewall
  • 84 - Understanding AWS Shield
  • 85 - Understanding Certificate Manager
  • 86 - Configuring a private certificate authority
  • 87 - Creating a private certificate
  • 88 - Using a private certificate

7. Security Audits in AWS

  • 89 - Understanding AWS Security Hub
  • 90 - Using AWS Security Hub
  • 91 - Rotating access keys
  • 92 - Understanding AWS Artifact
  • 93 - Understanding Trusted Advisor
  • 94 - Exploring Trusted Advisor
  • 95 - Preparing for a security audit

Conclusion

  • 96 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal