Introduction To Aws Security

Learn the fundamentals of AWS security including Infrastructure Security, IAM, Data Protection, and Logging & Monitoring

What you'll learn

How to identify and address security concerns based on your AWS cloud architecture

What you are responsible for securing versus what AWS is responsible for (Shared Responsibility)

How to secure AWS infrastructure including VPC networks, access control (Security Groups, NACLs, etc…), and configuring important security services

How to secure AWS data and services with proper Identity and Access Management (IAM) including users, roles, groups, policies, and end user management

How to protect Cloud Data with access management, encryption at rest, and encryption keys management

How to secure and protect your Amazon S3 buckets and objects by understanding bucket/object ownership, how to manage access, how to encrypt data, and more

How to properly monitor, log, and alert in AWS, including using AWS CloudTrail and CloudWatch

Requirements

Basic knowledge of what the AWS cloud is (we don't recommend this being your very first AWS course)

No programming experience required

No prior cybersecurity required

Description

Learn how to secure your AWS cloud infrastructure with our comprehensive Introduction to AWS Security course. Designed for beginners or those looking to stay up-to-date with AWS security, this training course provides you with the essential knowledge and skills to protect your AWS environments and resources from all sorts of threats.Led by industry experts with extensive experience in AWS security, this course offers a deep dive into the fundamental concepts and best practices for securing cloud infrastructure in Amazon Web Services. You'll gain a solid understanding of Identity and Access Management (IAM), data access control and encryption (including securing Amazon S3), network and infrastructure security, as well as monitoring & logging.Our interactive learning approach combines comprehensive lessons, interactive diagrams, and hands-on lab exercises as well as challenges to help you both grasp security concepts and know how to apply them in real-world scenarios. You'll have the opportunity to reinforce your learning and gain hands-on experience configuring security measures directly in the AWS Management Console.Enroll in our Introduction to AWS Security course today and gain the knowledge and confidence to start protecting your AWS environment effectively!––––––––––––––––What makes this course differentProduction quality: We've been developing cloud and security training material for over 7 years and have taught hundreds of thousands of IT professionals all the way from individuals to Fortune 500 companies. Our production quality is top-notch and not only reflects expert experience but focuses on building practical skills with interactive diagrams, realistic lab scenarios, and other interactive elements.Interactive Diagrams: Concepts can be really boring to learn, especially when it's just someone reading slides. That's not what you get from this course. We've developed interactive diagrams that you can interact with as you're learning. That way, as we're discussing concepts or as we're deploying resources in the AWS cloud, you can visualize exactly what's going on side-by-side.Scenario-based: From the very beginning of the course, we set up a realistic and sample AWS multi-tier architecture, which we then evaluate from a security perspective to understand potential attack vectors. The rest of the course centers around this architecture and those security concerns so that we can learn how to properly defend our AWS resources, just as we would on the job as cloud security professionals.Hands-On and Lab-based: Every practical step we take in the course can be completed in your very own AWS account, and we will be adding actual lab scenarios for you to complete. Most if not all of them can be done for free using the AWS free tier. We inform you beforehand if there are any resources that will cost money so you can decide whether you want to complete those labs/steps or not.––––––––––––––––FAQ"Is this course practical or just conceptual?"This course includes both practical and conceptual. Because it's an introductory-level course, you need to learn important concepts before jumping in and doing, but we're firm believers in practical learning and we include both demos that walk you through-by-step and Lab Challenges where you complete realistic scenarios you could expect to see on the job."Do I need to have AWS experience before enrolling"Short answer: Yes. Longer answer: This is a course designed for beginners, but if you've never logged into AWS before, you won't be able to follow what's going on unless you have prior IT experience and/or experience with Azure/GCP."Do I need prior cybersecurity experience before enrolling?"While that would be helpful, it's not required. For example, if you are a developer using AWS to ship applications, you will get a lot of value from this course even though you are not a cybersec expert.––––––––––––––––About the authorsThis course was created, developed, and published in collaboration between Konstantinos Papapanagiotou and Christophe Limpalair.Kostas is a Cyber Security Consultant with over 19 years of security and IT consulting and research experience. He’s also been a volunteer for the OWASP nonprofit organization for over 17 years and is an OWASP Chapter Leader in Greece.Christophe is the founder and an author at Cybr, where he’s published many courses on topics of ethical hacking. You may also know him from Linux Academy / ACloudGuru, where he taught multiple AWS courses including associate and professional-level AWS certification courses, and helped tens of thousands of learners get certified. He also helped pioneer, develop, maintain, and secure Linux Academy’s cloud Hands-On Labs and Assessments technology which ran on a $1M budget on AWS and which required defense against malicious actors frequently trying to crypto mine and to launch attacks using our resources.Between Kostas and Christophe, the authors have years of experience working in AWS and building as well as securing production environments. They share that experience in this course to help you get started learning how to secure AWS resources and environments.

Overview

Section 1: Introduction

Lecture 1 About the course and authors

Lecture 2 Please read before getting started!

Lecture 3 AWS cloud architecture

Lecture 4 Security concerns with our architecture

Lecture 5 Regions and Availability Zones (AZs)

Lecture 6 Shared responsibility in the cloud

Lecture 7 [LAB] Create a billing alert to avoid surprise bills

Section 2: Infrastructure Security

Lecture 8 VPC Networks

Lecture 9 Default VPCs

Lecture 10 [DEMO] Creating VPCs and Subnets

Lecture 11 How many VPCs should you use?

Lecture 12 [DEMO] Subnet, Route Table, and Gateway Configurations

Lecture 13 [LAB] [Challenge] Create a VPC with public and private subnets

Lecture 14 [DEMO] Security Groups

Lecture 15 Security Groups Best Practices

Lecture 16 [DEMO] Network Access Control Lists (NACLs)

Lecture 17 [LAB] [Challenge] Configure security groups and NACLs to specific requirements

Lecture 18 Elastic Load Balancers

Lecture 19 [DEMO] AWS WAF

Lecture 20 [DEMO] AWS Network Firewall - Part 1

Lecture 21 [DEMO] AWS Network Firewall - Part 2

Lecture 22 DDoS Protection - AWS Shield

Lecture 23 AWS Firewall Manager

Section 3: Identity and Access Management

Lecture 24 Key Concepts of IAM in AWS

Lecture 25 [DEMO] IAM in AWS - Getting Started

Lecture 26 [DEMO] Creating our first admin user

Lecture 27 Assigning Permissions - IAM Access Policies and Policy Conditions

Lecture 28 IAM Roles

Lecture 29 [DEMO] Creating a role for EC2 instances to access S3 Buckets

Lecture 30 End user management - Amazon Cognito

Section 4: Data Protection

Lecture 31 Data protection in the cloud

Lecture 32 EBS Data Protection and Encryption

Lecture 33 Amazon RDS Data Protection and Encryption

Lecture 34 Key Management with AWS KMS

Lecture 35 [DEMO] Creating a symmetric encryption KMS Key

Section 5: Amazon S3 Bucket Protection

Lecture 36 Understanding bucket ownership

Lecture 37 Managing access to buckets

Lecture 38 [Cheat Sheet] S3 Bucket Policies vs. ACLs vs. IAM Policies

Lecture 39 [LAB] [Challenge] Create an IAM role for secure access to S3 based on a scenario

Lecture 40 Using signed URLs

Lecture 41 Encrypting S3 Data

Lecture 42 [DEMO] Enable S3 Object Versioning

Section 6: Logging and Monitoring

Lecture 43 AWS log types and auditing options

Lecture 44 [DEMO] Enable S3 server access logs

Lecture 45 AWS CloudTrail

Lecture 46 Amazon CloudWatch

Lecture 47 Proper logging and monitoring

Section 7: Wrap-up and Key Takeaways

Lecture 48 What now?

Cloud Security Engineers,DevOps/DevSecOps Engineers,AWS enthusiasts,Developers building on AWS,Cloud Architects,IT Managers