AWS Cloud Security

Description

Everyday more applications adopt the AWS cloud causing an exponential demand for cloud security to protect and scale enterprises. In this course, Introduction To AWS Cloud Security, you will gain the ability to create a secure cloud environment within AWS. First, you will see an overview of foundational AWS service offerings and how they relate to the security of your infrastructure. Next, you will discover how to protect your cloud data and enable secure communication between cloud services. Finally, you will explore how to maintain a secure enterprise cloud environment with cutting edge logging and monitoring solutions. When you are finished with this course, you will have the skills and knowledge of AWS needed to create a secure cloud environment.

Description

At the core of Identity and Access Management (IAM) usage in AWS is a thorough knowledge of users and their purpose. In this course, Identity and Access Management on AWS: Users, you’ll learn how to properly create and use IAM users and optionally federate them with external directory services. First, you’ll learn about the root user that is the only user in a new account and why this user should be used to set up the IAM user that will do the rest of the configuration. Next, you’ll explore how to create users for both Management Console and programmatic access, as well as how to secure that access. Finally, you’ll discover how to federate IAM in AWS with external authentication services, such as Active Directory and web identities (including Amazon, Google, and Facebook), as well as other frameworks like OpenID and SAML. When you’re finished with this course, you’ll have a foundational knowledge of users in IAM on AWS that will help you as you move forward with securing your AWS infrastructure.

Description

Perhaps your company is moving to the Amazon cloud and you are concerned with safely protecting your company's data. Perhaps your company needs to follow a strict level of compliance when operating in the cloud. Maybe you have a lot of data stored in the cloud, and find that you don't have time to manage it properly.

In this course, Securing Data on AWS, you will gain the ability to encrypt your data using any of the data services provided by Amazon Web Services (AWS).

First, you will learn the difference between the Key Management Service (KMS) and CloudHSM.

Next, you will discover how to create customer-managed keys and perform administration on your encryption keys for both administrators and end users.

Then, you will see how to install CloudHSM, and understand the integration between KMS and CloudHSM.

Finally, you will understand how Amazon Macie can help you manage and protect your data records stored in S3 buckets.

When you are finished with this course, you will have the skills and understanding of services that help you perform encryption and management of your stored data in the AWS cloud.

Description

Securing AWS infrastructure is an ongoing task, with many moving parts.

In this course, Securing AWS Infrastructure, you’ll find the best methods of securing your hosted applications at AWS.

First, you'll learn the best subnet and IP address types to host your applications, and how to plan out VPC security using route tables, security groups, and Network ACLs.

Next, you’ll discover the roles that redundancy and availability play in application security, looking at load balancing and autoscaling and how they help your applications to remain available.

Finally, you’ll explore the intrusion detection and prevention available at AWS for all customers, specifically how to create threat protection layers with Web Application Firewall, AWS Shield, Shield Advanced, and the AWS Firewall manager. You’ll also see how to protect public-facing resources using CloudFront.

You'll also go through the use of GuardDuty and Amazon Inspector. This course’s content is a mix of lecture and hands-on demos.

When you’re finished with this course, you will understand how to properly secure your infrastructure components at AWS.

Description

Many applications at AWS are over-hosted. In this course, Securing Applications on AWS, you will gain knowledge about how to protect over-hosted applications at AWS using a variety of powerful management tools provided by Amazon.

First, you will look at the Web Application Firewall (WAF) and see how to protect against unwanted access from incoming public traffic, you will explore the API Gateway and how you can create and host APIs at AWS, and you will dive into Amazon Cognito which allows you to create user and identity pools that allow internal and external authentication and single sign-on access.

Next, you will look at the operation of CloudWatch and its use of metrics which allow you to manage all of your AWS resources, as well as CloudTrail which helps to monitor all activity in your AWS account.

Finally, you will see how to use TrustedAdvisor to alert you to account issues, and AWS Config to set rules for managing your infrastructure resources.

When you are done with this course, you will know how to monitor, audit, protect, and take many other actions towards protecting your applications hosted on AWS.

Description

Though migrating to the cloud is one of the uphill tasks that most companies go through, one of the important if not the most important tasks is to monitor the cloud resources once the migration is completed to avoid some of the unpleasant issues like increased cost due to mismanaged resources, reduced customer satisfaction because of unmonitored metrics. In this course, Monitoring AWS Cloud Security, you will learn how to address issues like these. First, you will learn about CloudWatch metrics, starting from default metrics, eventually learning how to publish your own custom metrics. Next, you will explore how to communicate system events across accounts and how to automatically respond and recover to system events of your AWS resources. Finally, you will discover how to create a graphical dashboard to monitor all these highly critical metrics from one single location. When you are finished with this course, you will have the skills and knowledge to create and monitor metrics, set up alerts, and create dashboards to monitor various AWS resources.

Description

Is your existing VPC configuration holding you back? In this course, AWS Networking Deep Dive: Virtual Private Cloud (VPC), you'll learn the inner-workings of VPC components and how they differ from their traditional network analogs. First, you'll discover how to create multi-VPC topologies and build secure connectivity between them. Next, you'll explore how to create and use a transit VPC to enable scalable connectivity between multiple VPCs and on-premises networks. Finally, you'll learn how restrict IPv4 and IPv6 internet access. When you're finished with this course, you'll have the skills and knowledge to create secure and scalable VPC designs.

Description

Prevent a breach of security. Protect against data loss or misuse. Keep from ruining your company's reputation. Keep the hackers out! In this course, AWS Cloud Security Best Practices, you will gain the ability to secure your organization’s AWS cloud applications. First, you will learn the fundamentals in the AWS Security Checklist. Next, you will discover what is needed for an operating system to run securely in the cloud, and how to segment AWS infrastructure for maximum security. Finally, you will explore how the AWS Cloud Adoption Framework (CAF) can help your organization move the entire business to the cloud. When you're finished with this course, you will have the skills and knowledge of AWS Security needed to secure your organization’s applications in the cloud.