Tevaalgorithms/AWS_Security

Domain 1: Identity and Access Management

  1. IAM Overview
  2. IAM Policy
  3. Policy Evaluation Logic
  4. Trust Policy
  5. Permission Boundary
  6. ABAC for AWS
  7. IAM Role
  8. AWS STS, Revoking Temporary Credentials
  9. IAM Access Analyzer
  10. IAM Credential Report
  11. Identity Providers and Federation
  12. Web Identity Federation
  13. AWS Cognito
  14. Web Identity Federation API
  15. AWS SSO
  16. SAML 2.0 Identity Federation
  17. Custom Identity broker Federation
  18. AWS Organizations

Domain 2: Logging and Monitoring

Configuration

  1. AWS CloudTrail
  2. AWS Config
  3. AWS GuardDuty
  4. Amazon Inspector
  5. AWS Trusted Advisor
  6. CloudWatch, AWS X-Ray
  7. VPC Flow Logs
  8. AWS Security Hub

Investigate

  1. Amazon Detective
  2. CloudWatch Insight
  3. Amazon Macie
  4. Amazon EventBridge
  5. AWS Artifact
  6. Athena

Domain 3: Infrastructure Protection

Network

  1. AWS WAF
  2. AWS Shield
  3. DDoS attack
  4. AWS SES
  5. AWS CloudFront
  6. Lambda@Edge
  7. ElastiCache, API Gateway
  8. VPC PrivateLink
  9. Gateway Endpoint
  10. VPC Peering
  11. VPN Connect
  12. Transit Gateway
  13. BGP
  14. Direct Connect
  15. IPsec Tunnel
  16. NACL and SG

Compute

  1. Protect EBS
  2. Protect EC2 & its metadata services
  3. Lambda
  4. Step Functions
  5. EKS
  6. Containers
  7. Amazon Systems Manager
  8. Why Bastion host needs to be replaced by Amazon SSM?

Domain 4: Data Protection

At Rest

  1. KMS, Key Policies
  2. KMS Key Rotation
  3. Own Key Pair KMS
  4. KMS with EBS
  5. KMS Grants
  6. KMS via Service
  7. Cross Account KMS
  8. EBS Encryption, snapshot, Transfer Encrypted EBS
  9. S3 Encryption, S3 Object Lock, S3 Policies, ACL
  10. RDS Encryption, DynamoDB
  11. AWS SSM Parameter Store
  12. AWS Secrets Manager
  13. Glacier & Vault Lock policies
  14. Container Security

In Transit

  1. ELB
  2. AWS Certificate Manager
  3. ELB with Certificate Manager
  4. HTTP vs TCP listeners in ELB
  5. API Gateway Edge Optimized
  6. HTTPS Listeners for ALB
  7. Network Packet Inspection
  8. SES

Domain 5: Incident Response

  1. AWS Abuse Notice
  2. Handle exposed access keys
  3. Handle compromised EC2 instances
  4. Four steps to address incidents: 1. Educate 2. Prepare 3. Simulate 4. Iterate

The references for my notes are the following:

  1. https://aws.amazon.com/blogs/security
  2. https://learn.cantrill.io/p/aws-certified-solutions-architect-professional
  3. https://acloudguru.com/
  4. https://jayendrapatil.com/aws-certified-security-speciality-scs-c01-exam-learning-path
