AWS Security Specialty and DevOps

Course Outline

AWS Security Specialty

Domain 1: Threat Detection and Incident Response

  • Amazon GuardDuty
  • Amazon Detective
  • AWS Config
  • AWS Security Finding Format (ASFF)
  • Amazon Macie

Domain 2: Security Logging and Monitoring

  • Amazon CloudWatch
  • Amazon EventBridge
  • Amazon SNS (Simple Notification Service)
  • Amazon Lambda
  • AWS Security Hub
  • Amazon CloudTrail
  • Amazon Athena
  • AWS VPC Flow Logs
  • Route 53 DNS Logs
  • AWS Systems Manager

Domain 3: Infrastructure Security

  • AWS WAF (Web Application Firewall)
  • AWS Shield
  • Amazon Route 53
  • AWS Network Firewall
  • AWS Transit Gateway
  • Amazon Inspector
  • VPC Traffic Mirroring
  • Amazon EC2
  • AWS Direct Connect
  • AWS VPN
  • IAM Instance and Service Roles

Domain 4: Identity and Access Management

  • AWS IAM (Identity and Access Management)
  • AWS IAM Identity Center (AWS SSO)
  • Amazon Cognito
  • AWS CloudTrail
  • IAM Policy Simulator
  • IAM Access Advisor

Domain 5: Data Protection

  • AWS KMS (Key Management Service)
  • AWS Secrets Manager
  • AWS Systems Manager Parameter Store
  • Amazon CloudFront
  • AWS Certificate Manager (ACM)
  • Cloud HSM
  • AWS VPN
  • AWS S3 (Simple Storage Service)
  • AWS DynamoDB

Domain 6: Management and Security Governance

  • AWS Organizations
  • AWS Control Tower
  • AWS CloudFormation
  • AWS Tagging Service
  • AWS Cost Explorer
  • AWS Well-Architected Tool
  • Trusted Advisor
  • AWS Resource Access Manager (RAM)
  • AWS Tagging
  • AWS Encryption
  • AWS Lifecycle Management
  • AWS Monitoring

DevOps on AWS

Docker: Theory – In detail

  • Installation, pull any docker image from Docker hub
  • Create a container from it
  • Make some changes in it and push it in docker hub

CI/CD: theory – Introduction, Services

Jenkins: Theory: in detail

  • Installation
  • Deploy docker image to aws ecr using Jenkins pipeline

GitHub: Theory: Introduction, repo, GitHub action

  • Deploy docker image to aws ecr and deploy it to ecs cluster using GitHub action

AWS Code pipeline: Theory – introduction

  • Intro in console, deploy sample application

AWS ECS: Theory – introduction

  • Intro in console, deploy ecr image in ecs cluster

Kubernetes: Theory – In detail

  • Eks cluster intro, worker node, connect eks cluster in ec2 instance

Helm Chart: Theory – In detail

  • Installation, download repo in it

Ansible Theory – In detail

  • Installation, how to establish connection b/w server and node, ansible playbook

Cloud formation Theory : Introduction

  • Cloud formation code to create vpc with high availability