This course provides the best Amazon Web Services (AWS) tutorial for beginners to learn about AWS cloud services.

Learn about the core AWS's services like compute, storage, networking services and how they work with other services like Identity, Mobile,  Routing, and Security. This course provides you with a good grasp an all you need to know of AWS services.

This course has been designed by three AWS Solution Certified Architects who have a combined industry experience of 17 years.  We aim to provide you with just the right depth of knowledge you need to have.

Kyle Murphy

Easy to read and very succinct ! Loved this course. Its better than most other courses  out there that are either half baked or way to detailed. 

Excellent,  time and money well spent on this. 

Richard Guajardo

Got what I was looking for. I used this for my interview prep with AWS. 

Worth it !

Tammy Rogers 

Loved all the architecture diagrams. It really helped in understanding how each service would be used. 

Pretty detailed. 

Learn the A to Z of  Amazon Web Services  (AWS)

## Security design principles

1. Apply security at all layers. E.g. Subnet, ACL’s Ports that are open on the Load Balancer.
1. Enable tractability. E.g. ability to audit changes using load.
1. Automate responses to security events 
E.g. if you detect someone trying to brute force port 22 then it triggers an SNS notification for someone to look at.

1. Focus on securing your system
E.g. you are responsible for securing your data, your application, and your OS.

1. Automate security best practices.
E.g. look into “center for internet security” to understand how to harden images for Bastion jump boxes.




## Cloud security

Security in the cloud consists of four areas:
1. Data Protection
1. Privilege Management
1. Infrastructure Protection 
1. Detective Controls

### Best Practices – Data Protection
1. Encrypt data at rest
1. Encrypt data in motion
1. Regular key rotation
1. Detailed logging of changes and access to files
1. Versioning to protect against accidental overwrite deletes



### Best Practices – Privilege Management
Ensures that only authorized and authenticated users are able to access the resources. Privilege Management can be done using:
1. Access Control Lists (ACLs)
1. Role Based Access Controls 
1. Password Management (password rotation)



# Security design principles

1. Apply security at all layers. E.g. Subnet, ACL’s Ports that are open on the Load Balancer.
1. Enable tractability. E.g. ability to audit changes using load.
1. Automate responses to security events 
E.g. if you detect someone trying to brute force port 22 then it triggers an SNS notification for someone to look at.

1. Focus on securing your system
E.g. you are responsible for securing your data, your application, and your OS.

1. Automate security best practices.
E.g. look into “center for internet security” to understand how to harden images for Bastion jump boxes.




# Cloud security

Security in the cloud consists of four areas:
1. Data Protection
1. Privilege Management
1. Infrastructure Protection 
1. Detective Controls

## Best Practices – Data Protection
1. Encrypt data at rest
1. Encrypt data in motion
1. Regular key rotation
1. Detailed logging of changes and access to files
1. Versioning to protect against accidental overwrite deletes



## Best Practices – Privilege Management
Ensures that only authorized and authenticated users are able to access the resources. Privilege Management can be done using:
1. Access Control Lists (ACLs)
1. Role Based Access Controls 
1. Password Management (password rotation)



Get introduced to the security design principles.

Fundamental Building Blocks of AWS

AWS: Miscellaneous Services

AWS: Identity & Access Management (IAM)

AWS: Compute Offerings

AWS: Storage

AWS: Database Offerings

AWS: Routing

AWS: Virtual Private Cloud (VPC)

AWS: Application Services

AWS Well Architected Framework

Well Architected Framework: Security

Security design principles