Understanding AWS Security and Management—From Zero to Hero

CLOUD LABS

Understanding AWS Security and Management—From Zero to Hero

In this Cloud Lab, you’ll master AWS security and identity management services using IAM policies and KMS keys.

12 Tasks

beginner

2hr 30m

Certificate of Completion

Desktop OnlyDevice is not compatible.

No Setup Required

Amazon Web Services

Learning Objectives

Thorough understanding of AWS Key Management Service and its role

Hands-on experience integrating AWS KMS with other AWS services

An understanding of AWS IAM and its application to secure AWS resources

Working knowledge of IAM users and user groups

Technologies

Lambda

IAM

KMS

DynamoDB

Desktop Only

No Setup Required

Amazon Web Services

Labs Rules Apply

Stay within resource usage requirements.

Do not engage in cryptocurrency mining.

Do not engage in or encourage activity that is illegal.

Cloud Lab Overview

AWS offers a comprehensive security framework for services using IAM and KMS work together. This combination helps protect sensitive information in AWS environments.

In this Cloud Lab, you’ll thoroughly explore the security and identity management services provided by AWS, focusing on IAM and KMS. You’ll learn about different IAM policies, create a user group with different policies, and add a user. Next, you’ll create an S3 bucket and attach a resource-based policy to allow public access. Then, you’ll create an execution role for a Lambda function. After this, you’ll create a customer-managed key for encrypted storage and database. Then, you’ll try to access it with a different user and learn how encryption key access works.

By the end of this Cloud Lab, you’ll have practical experience in using IAM identity-based policy, resource-based policy, and KMS keys for encrypting and decrypting AWS resources.

The following is the high-level architecture diagram of the infrastructure that you’ll create in this Cloud Lab:

Cloud Lab Tasks

1.Introduction

Getting Started

2.Identity and Access Management (IAM)

Introduction to IAM

IAM Policy

Create an IAM Group and Add a User

Configure a Resource-Based Policy

Configure an IAM Role

3.Key Management Service (KMS)

Create a Customer-Managed Key

Encrypt an AWS Database

Encrypt an AWS Storage

Access the Database and Storage with the Main Account

4.Conclusion

Clean Up

Wrap Up

Labs Rules Apply

Stay within resource usage requirements.

Do not engage in cryptocurrency mining.

Do not engage in or encourage activity that is illegal.

Relevant Courses

Use the following content to review prerequisites or explore specific concepts in detail.

Hear what others have to say

Join 1.4 million developers working at companies like

"Your method is simple, straight to the point and I can practice with it everywhere, even from my phone, that's something I have never had in other learning platforms."

Felipe Matheus

Software Engineer

"I highly recommend Educative. The courses are well organized and easy to understand."

Adina Ong

Senior Engineering Manager

"I prefer Educative courses because they have a nice mix of text & images. I find that with full video courses, it can often be too easy to go into passive learning mode."

Clifford Fajardo

Senior Software Engineer

"I love the content on Educative and I feel as if I am definitely improving in my craft."

Thomas Chang

Software Engineer

Learn in-demand tech skills in half the time

PRODUCTS

Mock Interview

New

Courses

Skill Paths

Projects

Assessments

Newsletter