Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

AWS: Enterprise Security

via LinkedIn Learning

Overview

Implement AWS securely. Learn about the different security tools within AWS—Identity and Access Management (IAM), Key Management Service (KMS), and more—as well as how to use them.

Understanding—and successfully implementing—security concepts is essential to using Amazon Web Services (AWS) as your enterprise solution. In this course, instructor Sharif Nijim couples pragmatic advice with practical examples that show IT pros how to create a secure infrastructure within AWS. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key Identity and Access Management (IAM) concepts, including users, groups, roles, and policies. Discover how to manage access to Simple Storage Service (S3); implement detective controls within AWS, including how to work with AWS Config and GuardDuty; use protective tools such as AWS Shield; and use AWS Key Management Service (KMS) to manage access keys. Plus, learn how to prepare for the inevitable audit of your AWS account(s).

Syllabus

Introduction
  • AWS security overview
  • What you should know
1. AWS Security Foundations
  • Understanding shared responsibility
  • Understanding the AWS security landscape
  • Understanding separation of duties
  • Implementing separation of duties
  • Understanding CloudTrail
  • Enabling CloudTrail
  • Understanding AWS Organizations
  • The AWS Command Line Interface (CLI) for Mac
  • The AWS Command Line Interface (CLI) for Windows
2. Identity and Access Management (IAM) Concepts in AWS
  • Understanding IAM
  • Understanding IAM policies
  • Configuring IAM policies
  • Understanding IAM groups
  • Configuring IAM groups
  • Configuring web console access
  • Configuring IAM users: Web console
  • Challenge: IAM
  • Solution: IAM
  • Understanding IAM roles
  • Configuring IAM roles
  • Understanding Security Token Service
  • Granting temporary access
  • Illustrating access restrictions
  • Exploring IAM policy simulator
  • Exploring federated access in AWS
  • Use case: Securing financial access
  • Understanding Resource Access Manager
3. S3 Access Management
  • Managing S3 access
  • Accessing S3 privately
  • Managing S3 with IAM
  • Restricting S3 access with IAM
  • Illustrating EC2 S3 access with IAM
  • S3 bucket policies
  • Illustrating S3 bucket policies with CLI
  • Understanding S3 access control lists
  • Exploring presigned URLs
4. Key Management
  • Understanding Key Management Service
  • Creating a KMS key
  • Using a KMS in S3
  • Using KMS and an IAM role
  • Automating KMS key rotation
  • Deleting a KMS key
  • Understanding Secrets Manager
  • Using Secrets Manager
  • Enabling auto-rotation with Secrets Manager
  • Understanding AWS CloudHSM
5. Internal Detective Controls
  • Understanding AWS Config
  • Enabling AWS Config
  • Exploring AWS Config results
  • Understanding AWS GuardDuty
  • Exploring AWS GuardDuty
  • Understanding AWS Macie
  • Understanding IAM Access Analyzer
  • Understanding Amazon Detective
  • Exploring Amazon Detective
  • Understanding Amazon Inspector
  • Exploring Amazon Inspector
6. Additional Protective Tools
  • Understanding web application firewall
  • Configuring web application firewall
  • Understanding AWS Shield
  • Understanding Certificate Manager
  • Creating a private certificate
7. Security Audits in AWS
  • Understanding AWS Security Hub
  • Using AWS Security Hub
  • Rotating access keys
  • Understanding AWS Artifact
  • Understanding Trusted Advisor
  • Exploring Trusted Advisor
  • Preparing for a security audit
Conclusion
  • Next steps

Taught by

Sharif Nijim

Related Courses

Reviews

Start your review of AWS: Enterprise Security

Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free