
Introduction to the AWS Advanced Security Course
Links to the course files
Overview of the AWS Advanced Security Curriculum
Introduction to the AWS Setup that we're going to use in the labs & demos
Demo of the setup we're going to use in the labs & demos
Demo of the setup we're going to use in the labs & demos
Introduction of how you can federate your AWS users. How to use an external identity management provider to manage your users
Demo of how to setup Auth0 as an identity provider for federated users in AWS.
It's better to use temporary IAM credentials over static ones. This lecture explains why.
It's better to use temporary IAM credentials over static ones. This lecture explains how.
An introduction of what we're going to setup using VPC networking
Lecture about the different possibilities of setting up a secure communication within the VPC with AWS services and external services
Lecture about the different possibilities of setting up a secure communication within the VPC with AWS services and external services
Demo showing VPC endpoints, egress blocking, forward (egress) proxy.
Demo showing VPC endpoints, egress blocking, forward (egress) proxy.
Demo showing VPC endpoints, egress blocking, forward (egress) proxy.
Demo showing VPC endpoints, egress blocking, forward (egress) proxy.
Introduction to data protection on AWS
IAM authentication for databases
Demo showing IAM authentication for databases
Introduction to how to protect s3 access outside VPCs
demo of how to protect s3 access outside VPCs
Introduction to protecting DynamoDB data (but also applicable to other services)
Demo explaining how to protect DynamoDB data (can also be applied to other services)
Using IAM permission boundaries to protect access for more privileged users
Demo of using IAM permission boundaries to protect access for more privileged users
introduction to the setup of CloudTrail with compliance actions (for example removing resources because they don't meet certain policies)
This demo shows how a newly created security group rule gets automatically removed if the IP range is 0.0.0.0/0 (all traffic)
This demo shows how a newly created security group rule gets automatically removed if the IP range is 0.0.0.0/0 (all traffic)
Security hub introduction
Demo that shows how to setup security hub
Introduction to WAF (Web Application Firewall)
In this demo we'll show you how to protect yourself against SQL injection with the AWS WAF
Introduction to VPNs
Demo of setting up a customized VPN with a web-frontend with authentication to automatically get the .ovpn file
Demo of setting up a customized VPN with a web-frontend with authentication to automatically get the .ovpn file
Demo of setting up a customized VPN with a web-frontend with authentication to automatically get the .ovpn file
Demo of setting up a customized VPN with a web-frontend with authentication to automatically get the .ovpn file
The alternative to a VPN: the session manager can open you a shell without having port 22 (SSH) open to the world
Demo of the AWS Session Manager (and configuration of the AWS Systems Manager Agent)
Curious about security on AWS? Read about data breaches on cloud providers and want to avoid it yourself? Learn now how to protect your data, and manage your infrastructure in a secure way!
Your course instructors are AWS consultants with years of experience in Cloud & Security.
Our goals:
We aim to get you better informed about the security considerations when running infrastructure on AWS
We want to do this using simple, but accurate and real world examples, we want to make complex topics easy to understand
The lectures range from simple security features to really complex event driven systems to keep your AWS accounts in compliance based on a set of rules. All the scripts and commands are on our GitHub repository so you can easily download everything to your workstation (GitHub URL is in document after this lecture