AWS Security Essentials

# AWS Security Essentials **Instructors:** Joe Hanko (joehanko@amazon.com) ## Labs & Books **Labs:** `aws.qwiklabs.com` *<< create account at this link* For this class, we’ll have hands-on labs, so make sure you’ve created an account with Qwiklabs using the email address which you’ve used to sign up for this class. If you already have an account please sign in. **Books:** `online.vitalsource.com` *<< create account at this link* I’ll be sending out a license code shortly which grants you access to all of the slides! The code will be sent to the email which you’ve used to sign up for class. ## Class Links - [AWS Global Infrastructure (Interactive)](https://infrastructure.aws/) - [AWS Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/) - [Using the AWS CLI](https://aws.amazon.com/cli/) - [AWS Well-Architected](https://aws.amazon.com/architecture/well-architected/?wa-lens-whitepapers.sort-by=item.additionalFields.sortDate&wa-lens-whitepapers.sort-order=desc) - [Lambda Security Whitepaper](https://d1.awsstatic.com/whitepapers/Overview-AWS-Lambda-Security.pdf) - [All about AWS Local Zones](https://aws.amazon.com/about-aws/global-infrastructure/localzones/) - [Compliance on AWS](https://aws.amazon.com/compliance/) - [Compliance by Country (atlas)](https://aws.amazon.com/financial-services/security-compliance/compliance-center/) - [IAM: Types of Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) - [IAM Roles: Concepts](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) - [IAM Security Recommendations](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) (favorite!) - [Using the IAM Policy Simulator](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html) - [IAM Policy Simulator](https://policysim.aws.amazon.com/) (requires sign-in) - [IAM Policy Evaluation Logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) (great chart, half-way down) - [S3 Default Encryption Options](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) (SSE-S3) - [Changing your Amazon S3 encryption from S3-Managed to AWS KMS](https://aws.amazon.com/blogs/storage/changing-your-amazon-s3-encryption-from-s3-managed-encryption-sse-s3-to-aws-key-management-service-sse-kms/) (AWS Blog) - [Querying AWS CloudTrail logs with Amazon Athena](https://docs.aws.amazon.com/athena/latest/ug/cloudtrail-logs.html) (See “Create Athena Table”) - [Learn AWS CloudFormation template basics](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/gettingstarted.templatebasics.html) - [JSON.org](https://www.json.org/json-en.html) - [IDS / IPS](https://aws.amazon.com/marketplace/solutions/infrastructure-software/ids-ips) Options -