Key Management Service (KMS)
This course provides detail on the AWS Security, Identity, and compliance services relevant to the AWS Developer - Associate exam. These services are used to help secure and protect your resources and environment through access control mechanisms and encryption.
- Learn what Identity Federation is
- Learn about the AWS services that can be used with it
- Understand how it's implemented
- Understand the benefits of AWS SSO and how it can be used to simplify user access at scale
- Create your own authentication mechanisms using Amazon Cognito
- Create your own customized UI for user sign in
- Create a secure user directory for all your applications and users
- Understand what is meant identity and access management and the difference between authentication, authorization, and access control
- Learn the components of IAM as well as its reporting features
- Understand the core principles of cross-account access using IAM
- How to implement and configure cross-account access
- Define how the Key encryption process works
- Explain the differences between the different key types
- Create and modify Key policies
- Understand how to rotate, delete and reinstate keys
- Define how to import your own Key material
Amazon Cognito is an amazing service that does a lot of heavy lifting for you. Heavy lifting that used to be the developer’s problem. It takes on the burden of so much backend fluff that I feel almost every application could use it at some point.
Having Cognito deal with authentication and giving you an OAuth-compliant server to handle those transactions is incredible. I know as a dev I just want to have the application working and get people on it as soon as possible. Creating all the extra stuff just isn't what I signed up for.
Cognito’s ability to handle both user sign-in/sign-on with Cognito User pools - and AWS service authentication with Identity pools, gives you a lot of room to play around with. This is a service that works well for small shops, as well as large corporations.
In my opinion, Amazon Cognito is probably one of the most underrated services that AWS offers. You don't have to manage servers, you don't have to worry about security updates, you just need to program in the appropriate calls to your application.
Anywhoo, that brings us to the end of this course. My name is Will Meadows and I'd like to thank you for spending your time here learning about Amazon Cognito. I fully encourage you to play around with the service, experiment, and see if it can fit into your applications and your architectures.
If you want some hands-on education, please go check out this lab:
Otherwise, If you have any feedback, positive or negative, please contact us at email@example.com. Cheers!
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.