
Explore the introductory course agenda for a hands-on DevSecOps program using Terraform, Kubernetes, Jenkins, and AWS; covers audience, fundamentals, and an end-to-end case study with SAST, SCA, and DAST.
Discover why DevSecOps matters, who should join, and how this course helps freshers and security and QA engineers upskill to meet strong demand and secure higher salaries in information security.
Create a DevSecOps pipeline with Terraform, Kubernetes, Jenkins, and AWS. Provision EC2 with Jenkins, configure plugins, integrate SonarCloud and Snyk, deploy to ECR and Kubernetes, and run OWASP ZAP tests.
Define DevSecOps as development, security, and operations with security at the core; implement security early in development and follow the shift-left approach to identify issues early.
Explore DevSecOps tooling, from git secrets and shift-left IDE plugins to SAST, DAST, and container security. Assess build pipelines, infrastructure as code security, container registry scanning, and cloud posture management.
Explore key security terms used in this course, including SAST, SCA, DAST, IAST, IaC, and API security, and clarify the API versus microservice distinction.
Master the basics of Terraform by writing configuration files that model infrastructure as code, using a city-building analogy to plan, apply, and destroy cloud resources.
Download Terraform.exe for Windows from HashiCorp, choose amd64, unzip, and copy Terraform.exe to D:\security guru\Terraform. Add this folder to the system path, then run terraform -h in cmd to verify.
Create a free AWS account and complete the initial setup, including root user email, account name, verification, and payment details, then access the AWS dashboard to prepare DevSecOps.
Create an AWS admin user by adding a new IAM user, attaching administrator access, and generating programmatic access keys for use with the AWS CLI.
Install AWS CLI version 2 on Windows with the MSI installer, then authenticate using your access key and secret key, and verify identity with STS get-caller-identity.
Install Visual Studio Code on Windows 10 by downloading from code.visualstudio.com, selecting the correct 64-bit or 32-bit installer, and finalizing with desktop icon and path setup.
Install Git Bash on your local system to clone repositories, make commits, and push changes, guided by step-by-step options for Windows, Linux, and Mac.
Clone the Terraform repo on your local system to set up an AWS infrastructure for an end-to-end DevSecOps pipeline with Jenkins, Kubernetes, and EC2.
Open the Terraform repo in Visual Studio Code, inspect the vars folder, tfvars, and main.tf, and learn how the Terraform script provisions AWS infrastructure for DevSecOps with Jenkins and Kubernetes.
Learn how a main.tf Terraform script provisions an AWS EC2 instance, security groups, an IAM role with admin permissions, and a Jenkins setup via user data for DevSecOps.
Install and configure Jenkins and supporting tools on an EC2 instance via a shell script in Terraform, including openjdk11, git, Maven, AWS CLI, ZAP, kubectl, eksctl, Docker, and JQ.
Explore how the dev-west-2.tfvars file supplies aws_region and key_name to main.tf, and how to create an AWS key pair in us-west-2 for Terraform to access the EC2 instance.
Deploy AWS infrastructure with a Terraform script, from init to apply, using terraform.lock.hcl, and provision an EC2 instance running Jenkins for DevSecOps.
Set up Jenkins on an AWS EC2 instance, extract the initial admin password, install default plugins, create the admin user, and prepare for a DevSecOps pipeline with Kubernetes and Terraform.
Configure Maven in Jenkins by adding a Maven installation named Maven_ in Global Tool Configuration, specifying the installed Apache Maven 3.5.2 on EC2 instance as Maven home, and save.
Install essential Jenkins plugins for a DevSecOps workflow, including Docker pipeline, AWS credential plugin, Amazon ECR, and Kubernetes CLI, enabling Docker image builds and Kubernetes commands.
Explore SonarCloud, a cloud-based SaaS platform that enforces code quality and security by defining customizable quality gates, including a default 80% coverage, and easy build-system integration via APIs.
Create a SonarCloud account by signing in with GitHub, Bitbucket, GitLab, or Azure DevOps on sonarcloud.io, then access the dashboard and get ready to create projects.
Integrate SonarCloud into a DevSecOps pipeline with Jenkins, using a declarative Jenkinsfile to run mvn builds and Sonar analysis, and configure project key, organization, host URL, and token.
Identify how Snyk, a cloud-based security tools provider, uncovers security issues in source code, open source libraries, containers, and infrastructure as code via software composition analysis and SAST.
Create a Snyk account using GitHub to perform software composition analysis on source code, identify security issues in third-party libraries like Log4J, and set up integration with the DevSecOps pipeline.
Integrate software composition analysis in a Jenkins DevSecOps pipeline using the Snyk Maven plugin to scan third-party libraries for vulnerabilities. Leverage Jenkins credentials and the -fn flag to prevent failures.
Build and push a Docker image in Jenkins by configuring Docker login credentials, push the image to AWS ECR, and prepare for Kubernetes deployment and DAST scanning.
Create a private AWS ECR repository named asg, then configure AWS credentials in Jenkins credential manager to enable pushing the Docker image using the HTTPS ECR URL.
Learn how to update a Jenkins pipeline to build and push a Docker image to AWS ECR, including Docker and AWS logins, and run Sonar analysis and SCA scans.
Connect to an EC2 instance and run eksctl to create a Kubernetes cluster. Wait for the cluster stack to deploy, then save the kubeconfig and verify two nodes with kubectl.
Deploy a Docker image from AWS ECR to a Kubernetes cluster via a Jenkins pipeline, using deployment.yaml and a load balancer in the DevSecOps namespace, with kube login configured.
Deploy a Docker image to a Kubernetes cluster via a DevSecOps pipeline in Jenkins, with SAST and SCA scans, pushing to AWS ECR for deployment in the DevSecOps namespace.
Explore OWASP ZAP, the open-source Zed Attack Proxy, a security scanner for web apps and API specifications, widely used in enterprises.
Integrate a DAST scan into a Jenkins-driven DevSecOps pipeline for a web app deployed on Kubernetes, using zap.shell to scan the dynamic load balancer URL after deployment.
Execute an end-to-end DevSecOps pipeline in Jenkins, running Sonar and Snyk analyses, building and pushing Docker images to AWS ECR, deploying to Kubernetes, and performing a ZAP DAST scan.
Delete the Kubernetes cluster and its related resources using the Terraform repo commands. Destroy all Terraform-managed resources, including the EC2 instance, with Terraform destroy.
Course Updates:
v 4.0 - April 2026
Added AWS Lab in Lecture 11 - Working with AWS CLI
v 3.0 - May 2025
Added in Section 12 - Role play interview with Hiring Manager for position of Security Engineer
v 5.0 - May 2024
Added DevSecOps Handbook document in Section 12
Added lecture on Terraform Basics in Section 2
v 4.0 - Jan 2024
Added lecture on Jenkins UI change in Section 5
Updated GitHub Repos in Section 5 to install Java 17 on EC2 instance using Terraform and to use sonar.token instead of sonar.login
Added debugging lecture to fix cleanup issues with Terraform in Section 10
v 3.0 - April 2023
Updated Install Jenkins Shell script to fix breaking changes related to Jenkins installation on EC2 instance
Updated course with newer video of Lecture 9 to cover New AWS IAM Console Changes
Added Screenshots for Lecture 17 to identify VPC ID in your AWS account
v 2.0 - Feb 2023
Updated course with newer videos on Integrate JIRA with SonarCloud/SonarQube in Section 11
Added Quiz and Assignments on Terraform and Jenkinsfile
v 1.0 - June 2022
Updated course with newer videos on Cleanup Resources in AWS in Section 10
Who should take this course?
This "DevOps & DevSecOps with Jenkins, Kubernetes, Terraform & AWS" course is designed for Security Engineers, DevOps Engineers, SREs, QA Professionals and Freshers looking to find a job in the field of security. This is a focused DevOps/DevSecOps course with a special focus on integrating SAST/SCA/DAST tools in a Jenkins pipeline with infrastructure created with Terraform and K8S.
Learn and implement security in a DevOps pipeline, and get hands-on experience in using security tools and technologies.
This course is for:
Developers
DevOps
Security Engineers
Aspiring professionals in the Security domain
Quality Assurance Engineers
InfoSec/AppSec Professionals
DevSecOps is a hot skill that will help you secure a high-salaried job and stay informed on the latest market trends.
Why purchase this course?
This is the only practical hands-on course available on the internet so far.
DevSecOps enables rapid application development with agility; at the same time, it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security stages in the pipeline.
Also, we have included practical examples to implement security in the DevOps pipeline through various tools.
By the end of the course, you will be able to successfully implement DevOps or DevSecOps pipeline and lead initiatives to create, build and maintain security pipelines in your project.
No action is required before taking this course. For any questions or concerns, please post your comments on the discussions tab.
Disclaimer: English subtitles are auto-generated, so please ignore any grammar mistakes.