This course provides detail on the AWS Security, Identity, and compliance services relevant to the AWS Certified DevOps Engineer - Professional exam. These services are used to help secure and protect your resources and environment through access control mechanisms and encryption.
Want more? Try a lab playground or do a Lab Challenge!
Learning Objectives
- Learn what Identity Federation is
- Learn about the AWS services that can be used with it
- Understand how it's implemented
- Understand the benefits of AWS IAM Identity Center and how it can be used to simplify user access at scale
- Create your own authentication mechanisms using Amazon Cognito
- Create your own customized UI for user sign in
- Create a secure user directory for all your applications and users
- Understand what is meant by identity and access management and the difference between authentication, authorization, and access control
- Learn the components of IAM as well as its reporting features
- Understand the core principles of cross-account access using IAM
- How to implement and configure cross-account access
- Define how the Key encryption process works
- Explain the differences between the different key types
- Create and modify Key policies
- Understand how to rotate, delete and reinstate keys
- Define how to import your own Key material
- Learn how AWS Security Hub provides a comprehensive view of your security posture across AWS services
- Understand the use of AWS Resource Access Manager (RAM) to securely share resources across multiple AWS accounts
- Learn about AWS Certificate Manager (ACM) and ACM Private Certificate Authority to secure applications and devices using public and private certificates
- Learn how the AWS Security Token Service (STS) enables you to request temporary, limited-privilege credentials for IAM or federated users
- Understand how the AWS Web Application Firewall (WAF) is used to protect applications and APIs against common web exploits
Hello, and welcome to this course on security, identity, and compliance in AWS, where we’re here to help you on your journey to prepare for the AWS Certified DevOps Engineer - Professional certification.
Before we get started, I’d like to introduce myself. My name is Danny Jessee, and I am one of the trainers here at Cloud Academy, specializing in AWS – Amazon Web Services – and AWS certifications.
In this course, the AWS team will be presenting a series of lectures that introduce the various security, identity, and compliance services currently available in AWS that may be covered on the exam.
Feel free to contact me with any questions using the details shown on the screen, or you can always get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com, where one of our Cloud experts will reply to your question.
This course has been specifically curated to help you pass the AWS Certified DevOps Engineer - Professional exam and is ideal for anyone who is looking to learn more about the various security, identity, and compliance services in AWS in preparation for the exam.
The objective of this course is to provide an introduction to security, identity, and compliance services in AWS for DevOps engineers, including:
-
AWS Certificate Manager (ACM),
-
AWS CloudHSM,
-
Amazon Cognito,
-
Amazon Detective,
-
AWS Directory Service,
-
Amazon GuardDuty,
-
AWS Identity and Access Management (IAM),
-
Amazon Inspector,
-
AWS Key Management Service (AWS KMS),
-
Amazon Macie,
-
AWS Network Firewall,
-
AWS Resource Access Manager (AWS RAM),
-
AWS Secrets Manager,
-
AWS Security Hub,
-
AWS Security Token Service (AWS STS),
-
AWS Shield,
-
AWS Single Sign-On, and
-
AWS WAF.
Together with the other courses in this learning path, we’ll cover all of the key tools, technologies, and concepts from the AWS Certified DevOps Engineer - Professional exam guide and ensure that you are fully prepared to sit this exam.
The AWS Certified DevOps Engineer - Professional certification has been designed for anyone in a DevOps engineer role who has knowledge and experience using AWS services to provision, operate, and manage distributed systems and services. All of the AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.
Here at Cloud Academy, we strive to keep our content current to provide the best training available. If you have any feedback, positive or negative, or if you notice anything that needs to be updated or corrected for the next release cycle, please reach out to us at support@cloudacademy.com. Thank you!
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.