In this course, we shall be looking at how AWS provides many different means of authentication.
Learning Objectives
- The different methods of authentication that can be implemented when using AWS
- The difference between username/password and Multi-factor authentication
- How to configure MFA authentication
- The process in which programmatic authentication is managed
- How IAM roles can be used to authenticate and authorize EC2 instances to access resources
- How Key Pairs are used to authenticate you to newly created EC2 instances
- The different options available with regards to federated authentication
Intended Audience
- AWS Administrators
- Security Engineers
- Security Architects
- And anyone who is looking to increase their knowledge of security and authentication within AWS
Prerequisites
You should have a basic understanding of AWS IAM and what the service is used for. It would also be advantageous if you had some basic hands-on experience of Amazon EC2, but it is not essential.
If you have a look at security from an identity and authentication perspective, you could leave yourself open to security loopholes, which in turn can lead to abuse from not only internal users but external as well. Security remains high on the list for importance when it comes to cloud computing, and having an understanding of it is beneficial to your whole company. It's the one key topic that consistently gains attention and requires constant and considerable amount of effort to get right and implement efficiently.
In order to do this correctly, a clear understanding and definition of security terms are essential, such as the clear differences between authentication, authorization, and access control. If you want to be an effective security engineer, you need to know the differences between these terms to allow you to select an architect the right solution to meet your needs. There are so many different methods of authentication and granting permissions.
It can get a little overwhelming when selecting the most effective mechanism. However, when doing so, implement the most appropriate solution that meets the security level of the data and resources that you're protecting. If the data resource is highly sensitive, then you would implement multiple levels of authentication, such as MFA, in addition to multiple levels of authorization. The more restrictions that are in place, the harder it is to breach. I would recommend you take a look at the labs we have here at Cloud Academy as there are a number of AWS labs covering security from introduction to IAM to setting and configuring advanced roles.
So, feel free to take a look at these in your own time to become more familiar on how to set these up within the real environment. That now brings me to the end of this lecture and to the end of this course, and so you should now have a greater understanding of some of the different authentication mechanisms that are available for users within AWS. Feedback on our courses here at Cloud Academy is valuable to both us as trainers and any students looking to take the same course in the future. If you have any feedback, positive or negative, it would be greatly appreciated if you can contact support@cloudacademy.com. Thank you for your time and good luck with your continued learning of cloud computing, thank you.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.