Architecting for Security on AWS

By Ben Piper
This course will help you learn to apply security at all layers of AWS, including encrypting and protecting data at-rest and in-transit, as well as how to prepare for and respond to security events.
Start FREE course
Play course overview
Course info
Rating
(61)
Level
Intermediate
Updated
Mar 9, 2020
Duration
4h 13m
Table of contents
Course Overview
Course Overview 1m
Protecting AWS Credentials
Confidentiality, Integrity, and Availability 6m Course Overview 6m Creating an Administrative User 8m Denying Access with Group Policies 3m Denying Access with User Policies 9m Introduction to Principals and Policies 2m Locking Down the Root User 7m Summary 3m Understanding AWS Credentials 2m Understanding Policies 3m Using Groups 2m
Capturing and Analyzing Logs
CloudTrail vs. CloudWatch Logs 3m Configuring CloudTrail to Log AWS Service Operations 8m Configuring CloudWatch Logs 8m Creating CloudWatch Alarms 9m Introduction to Capturing and Analyzing Logs 2m Reading CloudTrail Logs Using CloudWatch Logs 4m Searching Logs with Athena 6m Summary 2m Tracking Configuration Changes in AWS Config 7m Understanding CloudTrail 2m
Protecting Network and Host-level Boundaries
Creating a Public Subnet 6m Creating and Using an IAM Instance Profile 9m Introduction to Protecting Network and Host-level Boundaries 5m Network Access Control Lists 10m Summary 2m Using SSH Key Pairs 8m Using VPC Endpoints - Part 1 7m Using VPC Endpoints - Part 2 6m
Protecting Data at Rest
CloudFront Origin Access Identity 6m Creating a Customer Master Key with KMS 6m Encrypting S3 Objects with KMS-managed Keys (SSE-KMS) 5m Encrypting an Unencrypted EBS Volume 6m Granting Anonymous Access with Object ACLs and Bucket Policies 7m Introduction to Protecting Data at Rest 3m S3 Access Permissions - Part 1 7m S3 Access Permissions - Part 2 4m Summary 3m
Protecting Data in Transit
Creating a Secure Application Load Balancer 8m Introduction to Protecting Data in Transit 6m Preparing for the Load Balancer 7m Summary 2m
Configuring Data Backup, Replication, and Recovery
Course Summary 3m Cross-region Replication 5m Introduction to Data Backup, Replication, and Recovery 2m Lifecycle Management 8m Summary 1m Versioning 5m
Description
Course info
Rating
(61)
Level
Intermediate
Updated
Mar 9, 2020
Duration
4h 13m
Description

AWS security architects need to understand how to build security into every AWS deployment at every level. In this course, Architecting for Security on AWS, you’ll learn how to secure your data and your AWS services and resources at multiple levels using a defense-in-depth approach. First, you'll learn how to protect your AWS credentials using identity and access management. Next, you'll see how to capture and analyze logs using CloudTrail, CloudWatch, and Athena. Finally, you'll learn how to implement network and instance security, encrypt data at rest and in-transit, and set up data backup, replication, and recovery. After finishing this course, you'll be ready to granularly control access to your AWS resources.

About the author
Ben Piper
About the author

Ben Piper is the author of the "CCNP Enterprise Certification Study Guide: Implementing and Operating Cisco Enterprise Network Core Technologies" and the "AWS Certified Solutions Architect Study Guide". You can contact Ben by visiting his website, benpiper.com.

More from the author
Cisco Enterprise Networks: Layer 2 Troubleshooting
Intermediate
1h 52m
Sep 28, 2020
Cisco Enterprise Networks: NAT and Security
Intermediate
1h 41m
Aug 28, 2020
Cisco Enterprise Networks: BGP and Path Control
Intermediate
2h 23m
Jul 28, 2020
More courses by Ben Piper
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(Music playing) Hi everyone, my name Ben Piper, and welcome to my course, Architecting for Security on AWS. I'm an AWS certified Solutions Architect and author. Security is about protecting your valuable data and the systems that store and retrieve that data. As an AWS architect, you need to understand how to build security into every AWS deployment at every level. In this course, you're going to learn how to secure your data and your AWS services and resources at multiple levels using a defense in-depth approach. Some of the major topics that we will cover include identity and access management, capturing and analyzing security logs, network and instance security, data encryption, and backup, replication, and recovery. By the end of this course, you'll know how to secure your data stored in AWS, as well as your AWS services and resources. Before beginning the course, you should have six months of experience with AWS in a technical capacity. I hope you'll join me on this journey to learn AWS security with the Architecting for Security on AWS course, only on Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT