Comprehensive understanding of AWS security services, including KMS, Secrets Manager, Certificate Manager, WAF, Shield, and Security Hub, for implementing security architectures.
Learners will master AWS security services: encryption key management with KMS, secrets management with Secrets Manager, SSL/TLS certificate management with ACM, web application protection with WAF and Shield, and security compliance monitoring with Security Hub. They will also learn to implement defense-in-depth security architectures across AWS environments.
Storing and retrieving secrets, automatic rotation configuration, VPC endpoints for private access, cross-account sharing, and integration with applications.
Provisioning public and private certificates, automatic renewal, certificate validation methods, integration with load balancers and CloudFront, and certificate monitoring.
Creating web ACLs, implementing custom rules, using managed rule groups, rate limiting, geo-blocking, and monitoring web application attacks.
Understanding Shield Standard automatic protection, Shield Advanced features, DDoS response team access, attack visibility, and cost protection benefits.
Setting up Security Hub, enabling security standards, managing findings, custom insights, integration with security services, and compliance reporting.
Setting up GuardDuty, understanding threat intelligence feeds, managing findings, custom threat lists, and integrating with incident response workflows.
Implementing layered security controls, security automation, incident response planning, compliance frameworks, and security monitoring strategies.
Understanding KMS key types, customer managed vs AWS managed keys, key policies, encryption contexts, cross-account access, and integration with AWS services.