AWS Security Best Practices for Developers

Create stronger, more secure applications for AWS deployment. Learn security best practices for Identity and Access Management, S3 storage, Key Management Service (KMS), and more.

Introduction

• Securing your application
• What you should know

1. Identity and Access Management

• Important concepts
• Uses and access keys
• Roles and policies
• IAM key points
• Challenge: IAM roles and policies
• Solution: IAM roles and policies

2. Amazon Simple Storage Service (S3)

• S3 as a static website
• Bucket policies
• S3 bucket encryption
• S3 object versioning and MFA delete
• S3 key points
• Challenge: S3 presigned URL challenge
• Solution: S3 presigned URL challenge

3. Key Management Service Encryption

• Key Management Service (KMS) introduction
• Using AWS KMS
• KMS key points
• Challenge: Key Management Service
• Solution: Key Management Service

4. User Identities with Cognito and Web

• Cognito concepts
• Workflow
• Cognito demonstration
• Cognito key points
• Challenge: Cognito automated login
• Solution: Cognito automated login

5. Certificate Manager

• Creating and managing certificates
• Using certificates with AWS Resources
• AWS Certificates Manager and EC2 instances

6. Parameter Store and Secrets Manager

• Parameter Store for sensitive data
• Using Parameter Store from EC2
• Secrets Manager overview

7. Security Alerts in AWS

• Root login alerts
• Detecting unauthorized instance stops
• Checking for unused credentials

Conclusion

• Get familiar with AWS tools