AVG Duration18h


Security is one of the most important factors when implementing cloud services as you must ensure that the data you are storing on the Cloud remains restricted, controlled, monitored, maintained, and secured to the correct level.

AWS has developed a number of AWS security services and management tools to help you protect your data and environment from unwanted exposures, vulnerabilities, and threats, but largely it's down to us as customers to ensure these AWS security services are implemented effectively.

This learning path contains all of our content relating to the services listed within the AWS Security, Identity & Compliance category of the AWS Management Console. It contains our courses, labs, and assessments allowing you to develop your skills and knowledge in a specific area.

Topics and services covered in this learning path include:

  • Identity and Access Management (IAM)
  • Cross-Account access using IAM
  • Securing AWS Organizations using Service Control Policies
  • AWS Database Security
  • AWS Secrets Manager
  • Amazon GuardDuty
  • Amazon Macie
  • Resource Access Manager
  • Amazon Key Management Service (Encryption)
  • AWS CloudHSM
  • Security controls when working with Amazon S3
  • S3 encryption mechanisms
  • AWS Web Application Firewall
  • AWS Shield
  • AWS Firewall Manager
  • Amazon Inspector
  • Identity Federation
  • Serverless Security

If you have a specific request for content in this area, please send an e-mail to support@cloudacademy.com

Intended Audience

This learning path is intended for IT professionals or anyone looking to understand more about the various security services available to them in AWS and how they can be implemented.


To get the most out of this course, you should already have a solid understanding of the AWS platform and IT security.


Your certificate for this learning path

Training Content

Course - Beginner - 2m
LP Introduction: AWS Security, Identity & Compliance
An introduction to the AWS Security, Identity & Compliance learning path
Course - Intermediate - 17m
How AWS IAM is Used to Securely Manage Access
This course provides an overview of the AWS Identity & Access Management Service, commonly referred to as IAM, along with its core features.
Course - Intermediate - 25m
Managing User Identities with Long Term Credentials in AWS IAM
This course explains how to manage your user identities when using the AWS Identity and Access Management Service, commonly referred to as IAM.
Course - Intermediate - 35m
Managing Access using IAM User Groups & Roles
This course explores some of the security best practices when using user groups and roles and how these can help you secure access to your resources more effectively.
Course - Intermediate - 37m
Using IAM Policies to Define and Manage Permissions
This course covers how IAM Policies can be used to allow you to grant and restrict access to your resources within your AWS account, as well as the different types of policies and how to interpret a policy.
Exam - 35m
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
Knowledge Check: Overview of AWS Identity and Access Management (IAM)
Hands-on Lab - Beginner - 1h
Introduction to IAM
Learn how to create and manage IAM users, groups and policies to securely control access to AWS services and resources.
Hands-on Lab - Intermediate - 1h 15m
Advanced Roles and Groups Management Using IAM
Learn how to manage our organization using IAM Users and Groups and IAM Roles 
Course - Intermediate - 12m
Implementing Cross-Account Access Using IAM
This course covers how to implement cross-account access using AWS IAM.
Course - Intermediate - 26m
Securing AWS Organizations with Service Control Policies (SCPs)
This course explores the AWS Organizations service and how to use Service Control Policies (SCPs).
Course - Intermediate - 1h 3m
Understanding Amazon GuardDuty
This course explains how to protect your AWS accounts by using the intelligent threat detection service, Amazon GuardDuty.
Course - Intermediate - 8m
Managing Findings from Multiple Accounts Using Amazon GuardDuty
This course looks at how to collate and manage findings from multiple AWS accounts with Amazon GuardDuty.
Hands-on Lab - Beginner - 50m
Detecting EC2 Threats with Amazon GuardDuty
Learn how to use Amazon GuardDuty to automatically uncover malicious EC2 activity and configure threat lists to improve the security of your AWS environments.
Course - Intermediate - 15m
How to Find PHI and Sensitive Data in Your S3 Buckets with Amazon Macie
This course explores the Amazon Macie service and how it helps you keep track of your S3 buckets and warns you about any sensitive data it might find.
Course - Intermediate - 9m
Configuring Multiple AWS Accounts with Amazon Macie to Protect PII Data in S3
This course demonstrates how to configure multiple AWS accounts with Amazon Macie to protect PII data in S3.
Course - Intermediate - 11m
How to Share Resources Across Multiple Accounts Using AWS Resource Access Manager
This course shows you how to share resources between AWS accounts or within your AWS organization using the AWS Resource Access Manager.
Course - Intermediate - 1h 10m
How to Use KMS Key Encryption to Protect Your Data
In this course, you will learn the basics of KMS, what it will cost to implement, how to encrypt data, and more...
Course - Intermediate - 15m
How to Share CMKs Across Multiple Accounts Using AWS KMS
This course shows how to use the Key Management Service for encryption across multiple AWS accounts.
Hands-on Lab - Intermediate - 2h
Using Amazon Key Management Service to Encrypt S3 and EBS Data
In this lab, you'll learn about Amazon Key Management Service to encrypt S3 and EBS Data at an intermediate level. Get started today!
Course - Intermediate - 33m
Manage Your Own Encryption Keys Using AWS CloudHSM
This course gets you started with AWS CloudHSM by giving you an overview of the basics of the service, what it is, and its use cases.
Course - Advanced - 40m
Increasing Your Security Posture when Using Amazon S3
This course introduces the different security controls and methods that have been built into Amazon S3 to protect your data and enhance your overall security posture.
Hands-on Lab - Beginner - 1h
Using S3 Bucket Policies and Conditions to Restrict Specific Permissions
You will learn the steps to create and apply AWS S3 Bucket Policies with embedded conditions to restrict a user's ability to perform specific functions within S3 Buckets.  
Course - Advanced - 12m
Understanding S3 Encryption Mechanisms to Secure your Data
In this course, you'll learn about the S3 encryption and decryption process for S3 Managed Keys, KMS Managed Keys, and Customer Provided Keys.
Hands-on Lab - Beginner - 45m
Encrypting S3 Objects Using SSE-KMS
This lab explores how to encrypting S3 objects in AWS using SSE-KMS.
Course - Intermediate - 22m
Amazon S3: Data Replication and Bucket Key Encryption
This course explores two different Amazon S3 features: the replication of data between buckets and bucket key encryption when working with SSE-KMS to protect your data.
Course - Intermediate - 54m
Amazon Inspector
In this course, you'll learn about Amazon Inspector and its components, as well as watch a demonstration on how to configure it.
Course - Intermediate - 10m
Using AWS Identity Federation to Simplify Access at Scale
This course covers AWS Identity Federation including what it is, some of the AWS services that can be involved in federation, and also highlight some scenarios where you might want to implement it.
Course - Intermediate - 15m
Security Best Practices when Working with AWS Databases
This course explores the security best practices when working with AWS databases, specifically looking at RDS and DynamoDB with some extra content related to Aurora.
Course - Intermediate - 24m
Understanding AWS Database Authentication & Access Controls
This course covers the different options available to you to enable you to authenticate to your Amazon RDS and Amazon DynamoDB Databases.
Course - Intermediate - 13m
Sharing Secrets Between Multiple Accounts Using AWS Secrets Manager
This course explains how to share secrets between different AWS accounts through the use of resource-based policies and AWS Secrets Manager.
Hands-on Lab - Beginner - 1h 45m
Storing and Rotating RDS Credentials in Secrets Manager
Learn how to use AWS SecretsManager and Amazon Relational Database Service to generate, store, and rotate a password in Secrets Manager. Use Secrets Manager with a Python application.
Course - Beginner - 1h 17m
Protecting Web Apps with AWS WAF, Shield & Firewall Manager
This course takes an in-depth look at AWS Web Application Firewall Service (WAF), AWS Firewall Manager and AWS Shield.
Course - Intermediate - 56m
AWS Security Best Practices: Abstract and Container Services
This course discusses the responsibility between AWS and the customer when architecting both abstract and container services
Course - Intermediate - 9m
The Difference Between Authentication, Authorization, and Access Control in AWS
This course explores the differences between authentication, authorization, and access control in order to control access to your cloud resources effectively and with the appropriate level of security.
Course - Intermediate - 30m
Authorization Controls in AWS
This course looks at some of the different methods that AWS implements to authorize access within your AWS account.
Course - Intermediate - 25m
AWS Authentication Mechanisms
In this course, we shall be looking at how AWS provides many different means of authentication.
Course - Intermediate - 34m
Serverless Security: Comparing FaaS to IaaS
This course explores the pros and cons of serverless security and where to focus additional security controls in a FaaS solution.
Exam - 45m
Final Exam: Security Services on AWS
Final Exam: Security Services on AWS
About the Author
Learning paths175

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 150+ courses relating to Cloud reaching over 180,000 students, mostly within the AWS category and with a heavy focus on security and compliance.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.