This learning path looks at how to implement mechanisms to enforce multi-account security in AWS. As your organization develops, expands, and continues to build more and more solutions, it won't be too long before the need to implement multiple accounts arises. Running multiple accounts brings many benefits, but also some challenges as well. One of those challenges is how to implement, manage and monitor your resources for security threats, vulnerabilities and weaknesses, both effectively and in a centralized manner for ease of operational support.
This learning path will look at how to implement controls to resolve this challenge by analyzing some of the AWS services and features available to help you implement refined security controls across all of your accounts.
Intended Audience
The courses within this learning path are recommended for those that already have a foundational understanding of AWS and security, in addition to a working knowledge of some of the AWS security services. If you are new to many of the services discussed in this learning path, then we do have a supporting learning path entitled AWS security services which provides a deep dive into many of these services.
Learning objectives
By the end of this learning path, you will have the knowledge and understanding
- Of the core principles of cross-account access using IAM, as well as have the knowledge of how to implement and configure it within your own AWS accounts
- To share your CMKs used within the AWS Key Management Service service across each of your AWS accounts, allowing you to implement encryption using the same keys
- To implement, manage and monitor your own Amazon GuardDuty findings across your own accounts through the analysis of AWS CloudTrail event logs, VPC flow logs, and DNS logs
- To implement the sharing of resources between different AWS accounts using AWS Resource Access Manager
Feedback
If you have any questions, thoughts or ideas for content to be added, then please get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com.
Hello and welcome to this learning path looking at how to implement mechanisms to enforce multi-account security in AWS. As your organization develops, expands, and continues to build more and more solutions, it won't be too long before the need to implement multiple accounts arises. Running multiple accounts brings many benefits, but also some challenges as well. One of those challenges is how to implement, manage and monitor your resources for security threats, vulnerabilities and weaknesses, both effectively and in a centralized manner for ease of operational support.
This learning path will look at how to implement controls to resolve this challenge by analyzing some of the AWS services and features available to help you implement refined security controls across all of your accounts. Due to the nature of the content involved, the courses within this learning path are recommended for those that already have a foundational understanding of AWS and security, in addition to a working knowledge of some of the AWS security services. I've designed this set of courses to be focused on a specific task resulting in shorter bite-sized content to be easily consumed, and each course contains a demonstration on how to carry out the configuration discussed.
If you are new to many of the services discussed in this learning path, then we do have a supporting learning path entitled AWS security services which provides a deep dive into many of these services. Over time, more and more content will be added to this learning path, so be sure to check back often for hints and tips on how to help to make your environment secure with the ease of management controls.
If you have any questions, thoughts or ideas for content to be added, then please get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com. Alternatively, feel free to reach out to me directly using the details shown on screen.
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.