Security is one of the most important factors when implementing cloud services as you must ensure that the data you are storing on the Cloud remains restricted, controlled, monitored, maintained, and secured to the correct level.
AWS has developed a number of AWS security services and management tools to help you protect your data and environment from unwanted exposures, vulnerabilities, and threats, but largely it's down to us as customers to ensure these AWS security services are implemented effectively.
This learning path contains all of our content relating to the services listed within the AWS Security, Identity & Compliance category of the AWS Management Console. It contains our courses, labs, and assessments allowing you to develop your skills and knowledge in a specific area.
Topics and services covered in this learning path include:
- Identity and Access Management (IAM)
- Cross-Account access using IAM
- Securing AWS Organizations using Service Control Policies
- AWS Database Security
- AWS Secrets Manager
- Amazon GuardDuty
- Amazon Macie
- Resource Access Manager
- Amazon Key Management Service (Encryption)
- AWS CloudHSM
- Security controls when working with Amazon S3
- S3 encryption mechanisms
- AWS Web Application Firewall
- AWS Shield
- AWS Firewall Manager
- Amazon Inspector
- Identity Federation
- Serverless Security
If you have a specific request for content in this area, please send an e-mail to firstname.lastname@example.org
This learning path is intended for IT professionals or anyone looking to understand more about the various security services available to them in AWS and how they can be implemented.
To get the most out of this course, you should already have a solid understanding of the AWS platform and IT security.
Learning Path Steps
This course explains AWS Identity & Access Management (IAM), what it is, and how to implement it.
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.
Learn how to manage our organization using IAM Users and Groups and IAM Roles
This course covers how to implement cross-account access using AWS IAM.
This course explores the AWS Organizations service and how to use Service Control Policies (SCPs).
This course explains how to protect your AWS accounts by using the intelligent threat detection service, Amazon GuardDuty.
This course looks at how to collate and manage findings from multiple AWS accounts with Amazon GuardDuty.
Learn how to use Amazon GuardDuty to automatically uncover malicious EC2 activity and configure threat lists to improve the security of your AWS environments.
This course looks at Amazon Macie and how to customize it to gain the maximum benefit of its capabilities.
Configuring Multiple AWS Accounts with Amazon Macie to Protect PII Data in S3
This course demonstrates how to configure multiple AWS accounts with Amazon Macie to protect PII data in S3.
How to Share Resources Across Multiple Accounts Using AWS Resource Access Manager
This course shows you how to share resources between AWS accounts or within your AWS organization using the AWS Resource Access Manager.
In this course, you will learn the basics of KMS, what it will cost to implement, how to encrypt data, and more...
This course shows how to use the Key Management Service for encryption across multiple AWS accounts.
In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!
This course gets you started with AWS CloudHSM by giving you an overview of the basics of the service, what it is, and its use cases.
This course introduces the different security controls and methods that have been built into Amazon S3 to protect your data and enhance your overall security posture.
Using S3 Bucket Policies and Conditions to Restrict Specific Permissions
You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.
In this course, you'll learn about the S3 encryption and decryption process for S3 Managed Keys, KMS Managed Keys, and Customer Provided Keys.
This lab explores how to encrypting S3 objects in AWS using SSE-KMS.
This course explores two different Amazon S3 features: the replication of data between buckets and bucket key encryption when working with SSE-KMS to protect your data.
In this course, you'll learn about Amazon Inspector and its components, as well as watch a demonstration on how to configure it.
This course introduces you to AWS Identity Federation and includes a demo on how to use it.
This course explores the security best practices when working with AWS databases, specifically looking at RDS and DynamoDB with some extra content related to Aurora.
This course covers the different options available to you to enable you to authenticate to your Amazon RDS and Amazon DynamoDB Databases.
This course explains how to share secrets between different AWS accounts through the use of resource-based policies and AWS Secrets Manager.
Learn how to use AWS SecretsManager and Amazon Relational Database Service to generate, store, and rotate a password in Secrets Manager. Use Secrets Manager with a Python application.
This course takes an in-depth look at AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield.
This course discusses the responsibility between AWS and the customer when architecting both abstract and container services
In this course, you'll learn about security mechanisms around AWS Authentication, Authorization, and Accounting, using a variety of services.
This course explores the pros and cons of serverless security and where to focus additional security controls in a FaaS solution.
Final Exam: Security Services on AWS
Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.
To date, Stuart has created 90+ courses relating to Cloud reaching over 100,000 students, mostly within the AWS category and with a heavy focus on security and compliance.
Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.
He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.
In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.
Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.