Live Online training

AWS: Critical Security Solutions for Developers

Aaron Bedra

An introduction to the most critical AWS service offerings related to securing your AWS environments, including:

  • User, Group, and Role management with IAM
  • Audit trails with CloudTrail
  • Threat detection and intelligence with GuardDuty
  • Encryption with KMS

What you'll learn and how you can apply it

  • The importance of automating the organization and deployment of your AWS environment. This course will use Terraform, and attendees will be provided full Terraform automation scripts for the topics covered.
  • How to audit your AWS environment for potential security issues

This training course is for you because...

  • You are a developer who wants to learn the most essential AWS security techniques
  • You work in DevOps and are looking to automate security into operations
  • You are part of a security team and want to learn how to effectively audit and drive security changes in your AWS environment

Prerequisites

  • Basic familiarity with AWS
  • Familiarity with a scripting language. Python will be used in this course.
  • Basic knowledge of AWS foundations such as S3, RDS, and DynamoDB

Course Set-up

  • Full administrative access to an AWS environment
  • Administrative access to your local computer
  • Installation of the following:
      • Terraform
      • Docker
      • Your favorite text editor

About your instructor

  • Aaron Bedra is always exploring new and interesting ways to break and defend software. He is the Chief Scientist of Jemurai, where he works at the intersection of software, security, and business. Aaron has served as a Chief Security Officer, Chief Technology Officer, and Principal Engineer/Architect. He has worked professionally on programming languages, most notably Clojure and ClojureScript. Aaron is the creator of Repsheet, an open source threat intelligence toolkit. He is the co-author of Programming Clojure, 2nd and 3rd Edition and a contributor to Functional Programming: A PragPub Anthology.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

Setup

Length (15 min)

  • Instructor will walk through supplied code and explain basic concepts and common activities
  • Participants will test their setup to ensure they will be able to run examples as the course continues

Q&A (10 min)

IAM

Length (45 min)

  • Instructor will describe IAM and explain the recommendations for securing users, groups, and roles
  • Instructor will explain the supplied automation and demonstrate its results
  • Participants will run the automation examples to ensure they apply correctly to their environment

Break + Q&A (10 min)

CloudTrail

Length (45 min)

  • Instructor will describe CloudTrail and how to properly enable it
  • Instructor will explain the supplied automation and demonstrate its results
  • Participants will run the automation examples to ensure they apply correctly to their environment

Break + Q&A (10 min)

Encryption with KMS

Length (30 min)

  • Instructor will describe KMS, where it applies, and common encryption pitfalls
  • Instructor will explain the supplied code and automation and demonstrate its results
  • Participants will run the automation examples to ensure they apply correctly to their environment

Break + Q&A (10 min)

Automated Security Auditing

Length (45 min)

  • Instructor will describe Scout2 and walk through its reporting structure
  • Instructor will describe GuardDuty and explain why it is important
  • Participants will run the automation examples to ensure they apply correctly to their environment

Break + Q&A (10 min)

Wrap-Up

Length (remaining time)

  • Instructor will answer any additional questions