AWS Cloud Security

Paths

AWS Cloud Security

Authors: Jordan Yankovich, Brian Eiler, Mark Wilkins, Saravanan Dhandapani, Ben Piper, Joseph Hunsaker

AWS has products and services that can pretty much take care of any business computing need you might have, but with each specific project, you absolutely must consider how you... Read more

Related topics

AWS Operations AWS Networking AWS Application Development AWS Big Data

What you will learn:

  • Securing networks, infrastructure, data, identities, and applications.

Pre-requisites

This path is intended for beginners and learners who are already familiar with cloud computing and the AWS cloud platform.

Beginner

In this section you will learn to identify the AWS services that are available to assist you in implementing security in your projects. You’ll also learn to manage user identities which is one of the basic building blocks of access to your projects. Finally you’ll learn about securing your data that you keep in AWS services.

Introduction to AWS Cloud Security

by Jordan Yankovich

Mar 29, 2019 / 1h 7m

1h 7m

Start Course
Description

Everyday more applications adopt the AWS cloud causing an exponential demand for cloud security to protect and scale enterprises. In this course, Introduction To AWS Cloud Security, you will gain the ability to create a secure cloud environment within AWS. First, you will see an overview of foundational AWS service offerings and how they relate to the security of your infrastructure. Next, you will discover how to protect your cloud data and enable secure communication between cloud services. Finally, you will explore how to maintain a secure enterprise cloud environment with cutting edge logging and monitoring solutions. When you are finished with this course, you will have the skills and knowledge of AWS needed to create a secure cloud environment.

Table of contents
  1. Course Overview
  2. Identifying AWS Services for Security and When to Use Them
  3. Define the Shared Responsibility Model
  4. Maintaining Physical and Environmental Security of AWS

Identity and Access Management on AWS: Users

by Brian Eiler

Feb 22, 2019 / 1h 43m

1h 43m

Start Course
Description

At the core of Identity and Access Management (IAM) usage in AWS is a thorough knowledge of users and their purpose. In this course, Identity and Access Management on AWS: Users, you’ll learn how to properly create and use IAM users and optionally federate them with external directory services. First, you’ll learn about the root user that is the only user in a new account and why this user should be used to set up the IAM user that will do the rest of the configuration. Next, you’ll explore how to create users for both Management Console and programmatic access, as well as how to secure that access. Finally, you’ll discover how to federate IAM in AWS with external authentication services, such as Active Directory and web identities (including Amazon, Google, and Facebook), as well as other frameworks like OpenID and SAML. When you’re finished with this course, you’ll have a foundational knowledge of users in IAM on AWS that will help you as you move forward with securing your AWS infrastructure.

Table of contents
  1. Course Overview
  2. Introducing IAM on AWS
  3. Creating and Maintaining Individual Users
  4. Incorporating Federation

Securing Data on AWS

by Mark Wilkins

May 2, 2019 / 1h 47m

1h 47m

Start Course
Description

Perhaps your company is moving to the Amazon cloud and you are concerned with safely protecting your company's data. Perhaps your company needs to follow a strict level of compliance when operating in the cloud. Maybe you have a lot of data stored in the cloud, and find that you don't have time to manage it properly. In this course, Securing Data on AWS, you will gain the ability to encrypt your data using any of the data services provided by Amazon Web Services (AWS). First, you will learn the difference between the Key Management Service (KMS) and CloudHSM. Next, you will discover how to create customer-managed keys and perform administration on your encryption keys for both administrators and end users. Then, you will see how to install CloudHSM, and understand the integration between KMS and CloudHSM. Finally, you will understand how Amazon Macie can help you manage and protect your data records stored in S3 buckets. When you are finished with this course, you will have the skills and understanding of services that help you perform encryption and management of your stored data in the AWS cloud.

Table of contents
  1. Course Overview
  2. Encryption and Decryption at AWS
  3. Securing Data with KMS (Key Management Service)
  4. Securing Data with Cloud HSM (Hardware Security Module)
  5. Protecting Sensitive Data with Amazon Macie

Intermediate

In this section you’ll learn how to make sure that your infrastructure and virtual machine stay secure. The applications that you house in your infrastructure will next need to be secured and you’ll be able to do that here as well. Finally, you’ll learn how you can monitor all of this in an ongoing fashion.

Securing AWS Infrastructure

by Mark Wilkins

Jun 4, 2019 / 1h 42m

1h 42m

Start Course
Description

Securing AWS infrastructure is an ongoing task, with many moving parts. In this course, Securing AWS Infrastructure, you’ll find the best methods of securing your hosted applications at AWS. First, you'll learn the best subnet and IP address types to host your applications, and how to plan out VPC security using route tables, security groups, and Network ACLs. Next, you’ll discover the roles that redundancy and availability play in application security, looking at load balancing and autoscaling and how they help your applications to remain available. Finally, you’ll explore the intrusion detection and prevention available at AWS for all customers, specifically how to create threat protection layers with Web Application Firewall, AWS Shield, Shield Advanced, and the AWS Firewall manager. You’ll also see how to protect public-facing resources using CloudFront. You'll also go through the use of GuardDuty and Amazon Inspector. This course’s content is a mix of lecture and hands-on demos. When you’re finished with this course, you will understand how to properly secure your infrastructure components at AWS.

Table of contents
  1. Course Overview
  2. Securing EC2 Resources
  3. Planning for Intrusion, Threats, and DDoS Attacks
  4. Maintaining EC2 Instance Security with Amazon Inspector
  5. Monitoring Threat Detection with Amazon GuardDuty

Securing Applications on AWS

by Mark Wilkins

Jun 28, 2019 / 2h 14m

2h 14m

Start Course
Description

Many applications at AWS are over-hosted. In this course, Securing Applications on AWS, you will gain knowledge about how to protect over-hosted applications at AWS using a variety of powerful management tools provided by Amazon. First, you will look at the Web Application Firewall (WAF) and see how to protect against unwanted access from incoming public traffic, you will explore the API Gateway and how you can create and host APIs at AWS, and you will dive into Amazon Cognito which allows you to create user and identity pools that allow internal and external authentication and single sign-on access. Next, you will look at the operation of CloudWatch and its use of metrics which allow you to manage all of your AWS resources, as well as CloudTrail which helps to monitor all activity in your AWS account. Finally, you will see how to use TrustedAdvisor to alert you to account issues, and AWS Config to set rules for managing your infrastructure resources. When you are done with this course, you will know how to monitor, audit, protect, and take many other actions towards protecting your applications hosted on AWS.

Table of contents
  1. Course Overview
  2. Web Application Firewall and the API Gateway
  3. Authenticating Users with Amazon Cognito
  4. Logging with CloudWatch
  5. Auditing with CloudTrail
  6. Managing Compliance Standards with Trusted Advisor and AWS Config

Monitoring AWS Cloud Security

by Saravanan Dhandapani

Jun 27, 2019 / 1h 55m

1h 55m

Start Course
Description

Though migrating to the cloud is one of the uphill tasks that most companies go through, one of the important if not the most important tasks is to monitor the cloud resources once the migration is completed to avoid some of the unpleasant issues like increased cost due to mismanaged resources, reduced customer satisfaction because of unmonitored metrics. In this course, Monitoring AWS Cloud Security, you will learn how to address issues like these. First, you will learn about CloudWatch metrics, starting from default metrics, eventually learning how to publish your own custom metrics. Next, you will explore how to communicate system events across accounts and how to automatically respond and recover to system events of your AWS resources. Finally, you will discover how to create a graphical dashboard to monitor all these highly critical metrics from one single location. When you are finished with this course, you will have the skills and knowledge to create and monitor metrics, set up alerts, and create dashboards to monitor various AWS resources.

Table of contents
  1. Course Overview
  2. Getting Started with CloudWatch
  3. Logging and Metrics
  4. Dashboards and Automation
  5. AWS Microsoft Support

Advanced

In this section you’ll learn in depth how to implement and use the Virtual Private Cloud, the solution to providing an air gap for your projects. You’ll then finish up with a look at the best practices you should keep in mind throughout the whole process.

AWS Networking Deep Dive: Virtual Private Cloud (VPC)

by Ben Piper

Aug 8, 2019 / 2h 57m

2h 57m

Start Course
Description

Is your existing VPC configuration holding you back? In this course, AWS Networking Deep Dive: Virtual Private Cloud (VPC), you'll learn the inner-workings of VPC components and how they differ from their traditional network analogs. First, you'll discover how to create multi-VPC topologies and build secure connectivity between them. Next, you'll explore how to create and use a transit VPC to enable scalable connectivity between multiple VPCs and on-premises networks. Finally, you'll learn how restrict IPv4 and IPv6 internet access. When you're finished with this course, you'll have the skills and knowledge to create secure and scalable VPC designs.

Table of contents
  1. Course Overview
  2. Creating Secure Virtual Private Clouds (VPCs)
  3. Creating Secure and Scalable VPCs
  4. VPC Peering
  5. Secure Internet Egress Using NAT Instances
  6. Using a Transit VPC to Connect On-premises and Cloud Resources
  7. Monitoring a VPC
  8. Using CloudHub to Connect Remote Sites Together
  9. Configuring IPv6 Connectivity

AWS Cloud Security Best Practices

by Joseph Hunsaker

Sep 17, 2019 / 43m

43m

Start Course
Description

Prevent a breach of security. Protect against data loss or misuse. Keep from ruining your company's reputation. Keep the hackers out! In this course, AWS Cloud Security Best Practices, you will gain the ability to secure your organization’s AWS cloud applications. First, you will learn the fundamentals in the AWS Security Checklist. Next, you will discover what is needed for an operating system to run securely in the cloud, and how to segment AWS infrastructure for maximum security. Finally, you will explore how the AWS Cloud Adoption Framework (CAF) can help your organization move the entire business to the cloud. When you're finished with this course, you will have the skills and knowledge of AWS Security needed to secure your organization’s applications in the cloud.

Table of contents
  1. Course Overview
  2. Examining the AWS Security Checklist
  3. Securing Operating Systems and Applications
  4. Securing Your Infrastructure
  5. Introducing the Cloud Adoption Framework
Offer Code *
Email * First name * Last name *
Company
Title
Phone
Country *

* Required field

Opt in for the latest promotions and events. You may unsubscribe at any time. Privacy Policy

By providing my phone number to Pluralsight and toggling this feature on, I agree and acknowledge that Pluralsight may use that number to contact me for marketing purposes, including using autodialed or pre-recorded calls and text messages. I understand that consent is not required as a condition of purchase from Pluralsight.

By activating this benefit, you agree to abide by Pluralsight's terms of use and privacy policy.

I agree, activate benefit