Securing Amazon EC2 Instances
What you'll learn
- Address the threat categories facing EC2 instances and the possible consequences of an attack
- Apply the range of security tools AWS provides to help us protect our instances
- Configure instance security groups, IAM roles, and VPC design to provide optimal protection
- Integrate general server security best-practices and the AWS Shared Responsibility Model with your infrastructure design
- Besides basic familiarity with using EC2 instances, no prerequisite knowledge is needed for this course.
- Comfort with the AWS CLI will be helpful and familiarity with Linux is a bonus.
Amazon's Elastic Cloud Compute (EC2) service is borderline magic. After all, being able to provision and launch a fully-functioning, enterprise-quality cloud server in just a minute or two with no up-front costs is something we could barely have imagined even a decade ago. But all that cloud goodness doesn't change an admin's primary responsibility: to protect infrastructure from attack. The easier EC2 makes it to push out more and more applications, the more we're exposed to a lot of hostile - and scary - threats.
If you're responsible for EC2 instance workloads - or even if you're just considering the possibility - you need to understand what defensive skills and tools are available and how you can use them.
This course will review the current threat landscape and some general server security best practices. I'll introduce you to the significant security measures AWS themselves have taken on our behalf, and how to make the best use of their security groups, IAM roles, and VPC design architectures. We'll also learn about how AWS offers networking tools like VPNs and instance connectivity to help us push back against the bad guys.
I've also included everything you might need to follow along with the practical demos on your own laptop or work station. Successfully completing all the videos, reading content, test-yourself quizzes, and demos yourself will leave you with a strong sense of what you can and should be doing to protect your application instances.
Who this course is for:
- Project managers planning application deployments
- AWS solution architects looking to make sure they're not missing anything important
- Application developers and admins responsible for infrastructure health
- Individuals looking to safely introduce themselves to core AWS tools
For most people, watching an instructor doing something – or even reading an excellent guide – is not the best way to learn a complex set of skills. Those might be critically important elements of your quest for excellence in some technical field, but unless you dive in and work through real-world problems on your own, you’ll never truly master the material.
Our technology books, Udemy and Pluralsight video courses, and other content present you with all the background and information you’ll need to get started. But more significantly, they are designed to push you as quickly as possible out “into the field” where you can earn effective hands-on experience (and money!) using the real tools of your trade.
David Clinton is an AWS solutions architect and Linux server administrator. He has written about and published training content (including books with Wiley/Sybex, Bootstrap IT, and Manning, and online courses on Udemy and Pluralsight) for many cutting edge technology subjects including Linux systems, Cloud Computing (in particular Amazon's AWS), container technologies like containers, data analytics, and DevOps tools. More than 60,000 of his books are currently in circulation and his video courses have been viewed by more than a half a million students...just like you!