Summary and Quiz

Get a refresher of what you’ve learned about the security and compliance services provided by AWS in this chapter and take a quiz to validate your knowledge.

In this lesson, we’ll summarize what we’ve learned so far in this chapter and test our knowledge with a short quiz.

Summary

In this chapter, we learned about security services offered by AWS. Here’s a brief summary of the services we covered:

AWS KMS

KMS is used to manage encryption keys in AWS. There are two main types of KMS keys:

  • AWS-managed keys: These keys are generated and managed by AWS. They are generally tied to a specific AWS service, such as S3 or EBS.

  • Customer-managed keys: These keys are generated and managed by users. We have complete control over the configuration of these keys, including their key policy and rotation settings.

WAF

AWS WAF is a web application firewall used to protect our applications from malicious access. We can configure web ACLs to defend our resources from specific types of attacks, including cross-site scripting (XSS), SQL injection, and cross-site request forgery. WAF inspects each request sent to the application and blocks any request that violates the configured web ACL rules.
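As an added example (not code from the original lesson), the following Terraform configuration defines a regional web ACL that allows traffic by default and blocks requests matching the AWS-managed SQL injection and common (XSS) rule groups; the load balancer ARN is a placeholder variable assumed for this illustration.

```hcl
# Web ACL for a regional resource such as an Application Load Balancer.
# Default action is allow; managed rule groups block matching requests.
resource "aws_wafv2_web_acl" "app" {
  name  = "app-web-acl"
  scope = "REGIONAL" # use "CLOUDFRONT" for CloudFront distributions

  default_action {
    allow {}
  }

  # AWS-managed SQL injection detection rule group.
  rule {
    name     = "aws-managed-sqli"
    priority = 1
    override_action {
      none {} # keep the rule group's own block actions
    }
    statement {
      managed_rule_group_statement {
        name        = "AWSManagedRulesSQLiRuleSet"
        vendor_name = "AWS"
      }
    }
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "app-sqli"
      sampled_requests_enabled   = true
    }
  }

  # AWS-managed common rule set; includes cross-site scripting (XSS) rules.
  rule {
    name     = "aws-managed-common"
    priority = 2
    override_action {
      none {}
    }
    statement {
      managed_rule_group_statement {
        name        = "AWSManagedRulesCommonRuleSet"
        vendor_name = "AWS"
      }
    }
    visibility_config {
      cloudwatch_metrics_enabled = true
      metric_name                = "app-common"
      sampled_requests_enabled   = true
    }
  }

  # Metrics and sampled requests for the ACL as a whole (used when reviewing blocks).
  visibility_config {
    cloudwatch_metrics_enabled = true
    metric_name                = "app-web-acl"
    sampled_requests_enabled   = true
  }
}

# Attach the web ACL to the protected resource (placeholder ALB ARN assumed).
resource "aws_wafv2_web_acl_association" "alb" {
  resource_arn = var.alb_arn
  web_acl_arn  = aws_wafv2_web_acl.app.arn
}
```

Sampled requests and CloudWatch metrics let us verify which rule blocked a request before tightening or relaxing the ACL.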

Amazon Detective

Amazon Detective helps organizations identify security issues, conduct efficient investigations, and proactively respond to potential threats by continuously analyzing and correlating log data from various AWS services, such as AWS CloudTrail and Amazon VPC Flow Logs. It does not resolve any security issues. Rather, it identifies them and recommends actions for mitigating the threats.

AWS Directory Service

With AWS Directory Service, organizations can centralize user identities and access management, simplifying authentication and authorization across AWS resources and applications.

Secrets Manager

Secrets Manager can be used to store our passwords and credentials. All secrets stored in AWS Secrets Manager are encrypted using AWS Key Management Service (KMS), which provides strong encryption and centralized key management.

Amazon Macie

Amazon Macie helps organizations maintain their data assets’ confidentiality, integrity, and availability in AWS environments. It is a fully managed data security and privacy service that uses machine learning and pattern matching to automatically discover, classify, and protect sensitive data stored in AWS.

Security Hub

AWS Security Hub is a security service that provides us with a comprehensive view of the security state of our AWS account. It collects data from various AWS accounts, services, and other third-party products to determine the security issues in our account.

AWS Firewall Manager

AWS Firewall Manager helps us manage firewalls in our account from a single place. It can also be used at the organization level, allowing us to secure multiple AWS accounts from a single point and keep our firewall policies consistent across them.

AWS GuardDuty

AWS GuardDuty is a regional service that is fully managed by AWS. GuardDuty helps us protect our AWS environments by identifying potential security issues such as unusual API calls, compromised EC2 instances, unauthorized access attempts, and potentially malicious IP addresses.
