This course explores the security best practices when working with AWS databases, specifically looking at RDS and DynamoDB with some extra content related to Aurora. If you have any feedback relating to this course, feel free to get in touch with us at support@cloudacademy.com.
Learning Objectives
- Recognize common security vulnerabilities in regards to DynamoDB and RDS
- Recommend ways to resolve these security issues as well as understand some best practices that will help create secure architectures for your database
Intended Audience
This course is recommended for anywho who is looking to broaden and reinforce their AWS security understanding, or anyone who is interested in creating secure databases in general.
Prerequisites
To get the most from this course, you should have a good understanding of cloud computing, preferably with Amazon Web Services and you should be able to deploy and manage either RDS or DynamoDB databases on a basic level.
There are a lot of best practices out there that can add security and resilience to your database. Many of them can be deployed on a case by case basis and might not be applicable to all situations. What is important is to understand the reasons behind them, and the ideas that they attempt to convey.
You should always be critical of your users, both internally and externally. Make sure they only have access to the absolute minimum possible surface area. This helps to also keep the blast radius small in case of any possible security breaches. Between IAM for your internal threats and creating tiered architectures that only let in data from expected sources, you can gain confidence in your static defense.
AWS offers a few managed tools that can add that extra layer of protection that can put your solutions over the top. SQL injection protection from WAF for example is such a great addition to any architecture. What makes it really special is that AWS is in charge of keeping it updated for the latest and greatest security threats; this allows you to spend your time on the content that matters to you and your customers.
Classifying your data so you have a true understanding of the level of protection it deserves will provide long term benefits down the road. It allows you to secure the data that really needs it with extra layers of protection while having a more relaxed approach for the data that can afford it
Well, that brings us to the end of this course. My name is Will Meadows and I'd like to thank you for spending your time here learning about these best practices when working with your aws databases. If you have any feedback, positive or negative, please contact us at support@cloudacademy.com, your feedback is greatly appreciated, thank you!
William Meadows is a passionately curious human currently living in the Bay Area in California. His career has included working with lasers, teaching teenagers how to code, and creating classes about cloud technology that are taught all over the world. His dedication to completing goals and helping others is what brings meaning to his life. In his free time, he enjoys reading Reddit, playing video games, and writing books.