Architecting for Security on AWS

By Ben Piper
This course will help you learn to apply security at all layers of AWS, including encrypting and protecting data at-rest and in-transit, as well as how to prepare for and respond to security events.
Start FREE course
Play course overview
Course info
Rating
(42)
Level
Intermediate
Updated
Mar 9, 2020
Duration
4h 13m
Table of contents
Course Overview
Course Overview 1m
Protecting AWS Credentials
Understanding AWS Credentials 2m Course Overview 6m Denying Access with Group Policies 3m Confidentiality, Integrity, and Availability 6m Summary 3m Using Groups 2m Introduction to Principals and Policies 2m Locking Down the Root User 7m Creating an Administrative User 8m Understanding Policies 3m Denying Access with User Policies 9m
Capturing and Analyzing Logs
Searching Logs with Athena 6m Configuring CloudTrail to Log AWS Service Operations 8m Summary 2m Understanding CloudTrail 2m Creating CloudWatch Alarms 9m Configuring CloudWatch Logs 8m CloudTrail vs. CloudWatch Logs 3m Reading CloudTrail Logs Using CloudWatch Logs 4m Introduction to Capturing and Analyzing Logs 2m Tracking Configuration Changes in AWS Config 7m
Protecting Network and Host-level Boundaries
Using VPC Endpoints - Part 1 7m Introduction to Protecting Network and Host-level Boundaries 5m Creating and Using an IAM Instance Profile 9m Using SSH Key Pairs 8m Summary 2m Using VPC Endpoints - Part 2 6m Creating a Public Subnet 6m Network Access Control Lists 10m
Protecting Data at Rest
S3 Access Permissions - Part 2 4m Encrypting S3 Objects with KMS-managed Keys (SSE-KMS) 5m S3 Access Permissions - Part 1 7m Encrypting an Unencrypted EBS Volume 6m Creating a Customer Master Key with KMS 6m CloudFront Origin Access Identity 6m Summary 3m Introduction to Protecting Data at Rest 3m Granting Anonymous Access with Object ACLs and Bucket Policies 7m
Protecting Data in Transit
Introduction to Protecting Data in Transit 6m Preparing for the Load Balancer 7m Creating a Secure Application Load Balancer 8m Summary 2m
Configuring Data Backup, Replication, and Recovery
Summary 1m Lifecycle Management 8m Cross-region Replication 5m Versioning 5m Course Summary 3m Introduction to Data Backup, Replication, and Recovery 2m
Description
Course info
Rating
(42)
Level
Intermediate
Updated
Mar 9, 2020
Duration
4h 13m
Description

AWS security architects need to understand how to build security into every AWS deployment at every level. In this course, Architecting for Security on AWS, you’ll learn how to secure your data and your AWS services and resources at multiple levels using a defense-in-depth approach. First, you'll learn how to protect your AWS credentials using identity and access management. Next, you'll see how to capture and analyze logs using CloudTrail, CloudWatch, and Athena. Finally, you'll learn how to implement network and instance security, encrypt data at rest and in-transit, and set up data backup, replication, and recovery. After finishing this course, you'll be ready to granularly control access to your AWS resources.

About the author
Ben Piper
About the author

Ben Piper is an IT consultant and author of the "AWS Certified Solutions Architect Study Guide: Associate SAA-C01 Exam", "AWS Certified Cloud Practitioner Study Guide: CLF-C01 Exam", and "Learn Cisco Network Administration in a Month of Lunches". You can contact Ben by visiting his website, benpiper.com.

More from the author
Architecting for Reliability on AWS
Intermediate
2h 44m
Jun 23, 2020
Cisco Enterprise Networks: First Hop Redundancy Protocols
Intermediate
1h 52m
Jun 12, 2020
Cisco Enterprise Networks: Infrastructure Security
Intermediate
2h 3m
May 21, 2020
More courses by Ben Piper
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
(Music playing) Hi everyone, my name Ben Piper, and welcome to my course, Architecting for Security on AWS. I'm an AWS certified Solutions Architect and author. Security is about protecting your valuable data and the systems that store and retrieve that data. As an AWS architect, you need to understand how to build security into every AWS deployment at every level. In this course, you're going to learn how to secure your data and your AWS services and resources at multiple levels using a defense in-depth approach. Some of the major topics that we will cover include identity and access management, capturing and analyzing security logs, network and instance security, data encryption, and backup, replication, and recovery. By the end of this course, you'll know how to secure your data stored in AWS, as well as your AWS services and resources. Before beginning the course, you should have six months of experience with AWS in a technical capacity. I hope you'll join me on this journey to learn AWS security with the Architecting for Security on AWS course, only on Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT