
AWS Security Essential Services

Welcome to this session on AWS security. In this presentation, we'll explore the core AWS security services that help safeguard cloud environments. We'll also briefly cover compliance and the shared responsibility model. By the end, you will have a clear introductory understanding of the essential AWS security services.

What is AWS security? AWS security is based on the shared responsibility model. AWS secures the cloud infrastructure while customers secure their own workloads and data. AWS protects the infrastructure that runs its services, while customers remain responsible for protecting their applications and data. Security is applied in layers, often called defense in depth, covering networks, identities, encryption, and monitoring. AWS aligns with global security standards to ensure consistent worldwide protection.

Now let's understand in brief how AWS handles security. AWS ensures strong physical security at its data centers with restricted access and surveillance. AWS provides network protections like virtual private clouds, firewalls, and built-in DDoS mitigation. Identity and access management helps control who can do what within AWS accounts. AWS offers encryption for data both at rest and in transit using services like KMS and TLS. Monitoring and logging tools continuously capture activity, allowing early detection of threats.

Let's understand compliance. Compliance means adhering to laws, regulations, and industry standards that govern IT practices. It builds trust with customers and industries by showing that data is handled responsibly. Common compliance frameworks include GDPR for privacy, HIPAA for healthcare, PCI DSS for payments, and SOC 2 for auditing.

Let's talk about how AWS handles compliance. AWS itself maintains certifications and attestations with recognized global standards. Through AWS Artifact, customers can directly access compliance reports and certifications. By building on AWS, customers inherit this certified infrastructure.
But just like security, compliance is shared. AWS handles the infrastructure while customers configure applications to remain compliant.

Now, let's take a quick look at the essential AWS security services. IAM manages users, groups, and roles, enforcing fine-grained access control. KMS provides centralized encryption and key management. CloudTrail captures all API activity for auditing and compliance. GuardDuty uses machine learning to detect unusual or malicious activities. AWS WAF (Web Application Firewall) and Shield protect applications from web attacks and DDoS events. Security Hub aggregates security findings from across AWS. Inspector automatically scans workloads for vulnerabilities. Macie detects and classifies sensitive data in Amazon S3. Detective helps investigate alerts and discover root causes. Config tracks configuration changes and enforces compliance rules. Organizations applies governance across multiple AWS accounts.

We will now take a high-level overview of each of the services we just introduced. Let's start with IAM. IAM defines and manages users, groups, and roles for controlled access. It enforces permissions with JSON-based policies for precise control. IAM supports multi-factor authentication and identity federation for extra security.

CloudTrail records all API calls and activities across your AWS account. Logs are delivered to Amazon S3 or streamed to CloudWatch for monitoring. CloudTrail is essential for compliance audits and forensic investigations.

GuardDuty uses machine learning and threat intelligence to detect suspicious activity. It identifies patterns like unauthorized logins or crypto mining attempts. GuardDuty can be enabled across multiple accounts for centralized detection.

AWS WAF protects web applications from SQL injection, cross-site scripting, and other exploits.
Shield Standard automatically provides DDoS protection for all AWS customers. Shield Advanced offers stronger defenses, extra features, and AWS support during attacks.

Security Hub gives a single view of all security findings in your AWS environment. It consolidates results from services like GuardDuty, Inspector, and Macie. It also performs automated compliance checks against standards like PCI DSS, CIS, and HIPAA.

Inspector continuously scans workloads for vulnerabilities. It covers EC2 instances, Lambda functions, and container workloads. Inspector identifies common vulnerabilities and exposures, providing remediation advice.

Macie scans Amazon S3 to find sensitive or regulated data. It detects personally identifiable information such as credit cards or Social Security numbers. This supports compliance with regulations like GDPR and HIPAA.

Detective ingests data from GuardDuty, CloudTrail, and VPC Flow Logs for deeper analysis. It shows visual graphs that link suspicious activities together. Detective helps identify the root cause of security incidents.

Config monitors and records the configurations of AWS resources. It evaluates those resources against compliance rules that you define. Config can also trigger auto remediation when it detects non-compliance.

Organizations simplifies the management of multiple AWS accounts. It uses service control policies to enforce governance across accounts. Organizations consolidates billing for efficiency and cost visibility.

In summary, AWS security begins with a shared responsibility model. AWS applies security at multiple layers: network, identity, encryption, and monitoring. Compliance ensures organizations follow regulations and maintain customer trust. And core AWS security services provide the tools needed to keep workloads secure.
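The IAM overview above mentions JSON-based policies and multi-factor authentication. The following added example (not part of the original session) models how one identity-based policy is evaluated: explicit deny wins, then any allow, otherwise implicit deny. The bucket name and the evaluator are assumptions for illustration; service control policies, permission boundaries and resource policies are left out.

```python
import fnmatch

# Constructed policy (not from the session): read access to one hypothetical
# bucket, plus an explicit deny on every action when MFA is not present.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-reports",
                      "arn:aws:s3:::example-reports/*"]},
        {"Effect": "Deny", "Action": "*", "Resource": "*",
         "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}}},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _condition_holds(condition, context):
    """Only Bool and BoolIfExists are modelled, enough for the MFA check."""
    for operator, keys in condition.items():
        if operator not in ("Bool", "BoolIfExists"):
            raise ValueError(f"unsupported condition operator: {operator}")
        for key, expected in keys.items():
            if key not in context:
                if operator == "Bool":
                    return False      # plain Bool never matches a missing key
                continue              # ...IfExists treats a missing key as a match
            if str(context[key]).lower() != str(expected).lower():
                return False
    return True

def _matches(stmt, action, resource, context):
    actions = [a.lower() for a in _as_list(stmt["Action"])]  # actions ignore case
    return (any(fnmatch.fnmatchcase(action.lower(), a) for a in actions)
            and any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"]))
            and _condition_holds(stmt.get("Condition", {}), context))

def evaluate(policy, action, resource, context):
    """Explicit deny wins, then any allow, otherwise implicit deny."""
    effects = [s["Effect"] for s in policy["Statement"]
               if _matches(s, action, resource, context)]
    if "Deny" in effects:
        return "ExplicitDeny"
    return "Allow" if "Allow" in effects else "ImplicitDeny"
```

Because the deny uses `BoolIfExists`, a request that carries no MFA key at all (for example one signed with long-term access keys) is denied as well, which is why this form is preferred over plain `Bool` for MFA enforcement.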
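The CloudTrail overview above describes the logs as essential for audits and forensic investigations. As an added example (not part of the original session), this sketch runs a few detection rules over constructed CloudTrail-style records: failed console logins, root logins, logins without MFA, and changes to the trail itself. The rule names, account ID, ARNs and IP addresses are made up for illustration.

```python
import json

# Constructed records; field names follow the CloudTrail record format.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
     "sourceIPAddress": "198.51.100.7", "additionalEventData": {"MFAUsed": "Yes"},
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
     "sourceIPAddress": "203.0.113.9", "additionalEventData": {"MFAUsed": "No"},
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::111122223333:root"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventSource": "signin.amazonaws.com", "eventName": "ConsoleLogin",
     "sourceIPAddress": "203.0.113.9", "additionalEventData": {"MFAUsed": "No"},
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "responseElements": {"ConsoleLogin": "Failure"}},
    {"eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
     "sourceIPAddress": "203.0.113.9", "responseElements": None,
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"}},
]})

TRAIL_TAMPERING = {"StopLogging", "DeleteTrail", "UpdateTrail"}

def findings_for(record):
    """Return the rule names a single CloudTrail record triggers."""
    hits = []
    if record.get("eventName") == "ConsoleLogin":
        # responseElements can be null in real records, hence the `or {}`.
        outcome = (record.get("responseElements") or {}).get("ConsoleLogin")
        if outcome == "Failure":
            hits.append("console-login-failed")
        elif outcome == "Success":
            if (record.get("userIdentity") or {}).get("type") == "Root":
                hits.append("root-console-login")
            if (record.get("additionalEventData") or {}).get("MFAUsed") != "Yes":
                hits.append("console-login-without-mfa")
    elif (record.get("eventSource") == "cloudtrail.amazonaws.com"
          and record.get("eventName") in TRAIL_TAMPERING):
        hits.append("trail-tampering")
    return hits

def scan(log_text):
    """List (principal ARN, source IP, rule names) for each flagged record."""
    flagged = []
    for record in json.loads(log_text).get("Records", []):
        hits = findings_for(record)
        if hits:
            arn = (record.get("userIdentity") or {}).get("arn")
            flagged.append((arn, record.get("sourceIPAddress"), hits))
    return flagged
```

Federated sign-ins can report `MFAUsed` as `No` even when the identity provider enforced MFA, so the without-MFA rule needs an allow-list or an identity-type filter before it is used for alerting.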