Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

💪 25% OFF on ALL Reviewers to Start Your 2026 Strong with our New Year, New Skills Sale!

AWS Security & Identity Services

Home » AWS Cheat Sheets » AWS Security & Identity Services

AI-Driven Cloud Security at AWS re:Invent 2025

2025-12-26T11:28:51+00:00

Cloud computing continues to accelerate at a pace that traditional security models were never designed to support. Development teams now provision infrastructure in minutes, deploy services continuously, and scale applications automatically. However, security processes often lag behind this speed. In many organizations, security still enters the workflow after key architectural decisions are already finalized. As a result, teams spend more time fixing problems than preventing them. Although many organizations attempt to shift security earlier in development, the results are often disappointing. Security tools may run during build or deployment stages, yet they frequently lack the context required to provide meaningful [...]

AI-Driven Cloud Security at AWS re:Invent 20252025-12-26T11:28:51+00:00

Security in AWS Data Engineering: Best Practices and Strategies

2024-11-29T00:42:48+00:00

Bookmarks The AWS Shared Responsibility Model Use AWS Data Encryption Use Identity and Access Management (IAM) Implement Network Security Monitoring and Logging Compliance Standards Data Governance Secure Data Storage Backup and Disaster Recovery Automating Security Practices Conclusion: Proactive Security Measures for Data Engineers References In today's world of Cloud Computing, data engineering security and compliance are very important for companies that manage sensitive information. Data engineers that are using Amazon Web Services (AWS) must protect their data while following regulatory standards. Many organizations now use [...]

Security in AWS Data Engineering: Best Practices and Strategies2024-11-29T00:42:48+00:00

HTTP Flood Attack Notification using AWS Lambda, Amazon EventBridge and CloudWatch Logs Insights

2024-01-25T05:04:59+00:00

We can almost do everything now on the website. Selling clothes, ordering food, video posting, doing business meetings, online classes, and others, you name it. Running a website is very awesome and at the same time hard, especially when bad actors want to mess with it. One sneaky way is an "HTTP Flood Attack," where your website gets bombarded with too many requests. This can slow down or even break your site. Detecting and responding to such attacks promptly is crucial for maintaining the availability and performance of your applications. In this blog post, we'll explore how to implement a simple [...]

HTTP Flood Attack Notification using AWS Lambda, Amazon EventBridge and CloudWatch Logs Insights2024-01-25T05:04:59+00:00

Managing Amazon GuardDuty Security Findings Across Multiple Accounts

2023-05-02T05:23:52+00:00

In our previous article, we discussed how GuardDuty can help organizations monitor their workloads and  AWS accounts from malicious activities and how to monitor findings with Amazon CloudWatch Events. Imagine that your organization has multiple AWS accounts for different workloads, teams, and projects. With every account, you need to monitor GuardDuty findings individually. It will be quite difficult for your security team to monitor these findings with their constant switching between AWS accounts.  Amazon GuardDuty supports the consolidation of these findings to one AWS account. For example, your organization has 10 AWS accounts. All you have to do is to [...]

Managing Amazon GuardDuty Security Findings Across Multiple Accounts2023-05-02T05:23:52+00:00

Monitoring GuardDuty Findings with Amazon CloudWatch Events

2023-05-27T08:47:29+00:00

Large scale cyber attacks are now becoming normal in this age of interconnectivity. As we rely more and more on cloud technologies, companies are looking to tap into digital innovations to improve their businesses. Cyber attacks are costing companies millions of dollars of downtime not to mention the possibility of lawsuits whenever an attack occurs. It is imperative that security teams have the means to prevent, detect, and take actions to ensure that the security of their workloads in AWS are airtight. Amazon GuardDuty was released during the 2017 re:Invent conference. Amazon GuardDuty is an agentless threat detection service that [...]

Monitoring GuardDuty Findings with Amazon CloudWatch Events2023-05-27T08:47:29+00:00

AWS Secrets Manager vs Systems Manager Parameter Store

2024-11-14T00:51:27+00:00

Bookmarks AWS Systems Manager Parameter Store AWS Secrets Manager Similarities and Differences Managing the security of your applications is an integral part of any organization especially for infrastructures deployed in the cloud. One aspect of application security is how the parameters such as environment variables, database passwords, API keys, product keys, etc. are stored and retrieved. As a best practice, secret information should not be stored in plain text and not be embedded inside your source code. It is also recommended to set up an automated system to rotate passwords or keys regularly (which [...]

AWS Secrets Manager vs Systems Manager Parameter Store2024-11-14T00:51:27+00:00

Amazon Cognito User Pools vs Identity Pools

2024-08-29T01:45:49+00:00

Bookmarks Amazon Cognito User Pools Amazon Cognito Identity Pools With the proliferation of smartphones in our connected world, more and more developers are quickly deploying their applications on the cloud. One of the first challenges in developing applications is allowing users to log in and authenticate on your applications. There are multiple stages involved in user verification and most of these are not visible from the end-user. AWS provides an easy solution for this situation. User Identity verification is at the core of Amazon Cognito. It provides solutions for three key areas of user identification:  [...]

Amazon Cognito User Pools vs Identity Pools2024-08-29T01:45:49+00:00

Locking your Glacier Vault using the Amazon S3 Glacier API

2025-02-25T12:22:16+00:00

What is Amazon S3 Glacier Vault Lock A Glacier Vault can be described as a container for your archived objects in S3 Glacier. To begin using Amazon S3 Glacier, you need a vault. Creating and deleting vaults can be easily done in the AWS Management Console, but interacting with them requires you to use the APIs. For example, let’s say you want to upload images or log files to your vault. To do so, you would either use the AWS CLI or write code that would upload these objects. Large corporations often have compliance requirements with how they store their [...]

Locking your Glacier Vault using the Amazon S3 Glacier API2025-02-25T12:22:16+00:00

Amazon S3 Bucket Policies for VPC Endpoints

2023-06-05T03:11:03+00:00

Amazon S3 and Amazon VPC Relationship Amazon S3 is a versatile object storage solution that boasts virtually unlimited storage capacity. You can expect that your files will be durably stored in S3 given that AWS provides an SLA for this service. When creating your S3 bucket, AWS provides you with a unique bucket URL that you can use to access your S3 bucket directly from the public internet, if you have public access enabled.  Amazon S3 is a service that is not used within a VPC. This means that traffic does not pass through VPC resources such as internet gateways [...]

Amazon S3 Bucket Policies for VPC Endpoints2023-06-05T03:11:03+00:00

Amazon Detective

2025-12-26T18:24:39+00:00

Bookmarks Concepts Limits Common Use Cases Amazon Detective Cheat Sheet The service automatically collects log data from your AWS resources and uses machine learning, statistical analysis, and graph theory to build a linked set of data that enables you to easily conduct faster and more efficient security investigations. It can be integrated with AWS security services like Amazon GuardDuty, Amazon Macie, and AWS Security Hub, as well as partner security products to identify potential security issues or findings. Overview & Data Sources Automatic Data Ingestion: Detective analyzes trillions of events from multiple data sources: [...]

Amazon Detective2025-12-26T18:24:39+00:00

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Upskill and earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try! 

All products - Video Courses,
Practice Exams and eBooks
NON-PROMO
PERIOD
25% OFF Sale
eBooks as low as $6.99 $2.99
AWS Associate-Level Video Courses $12.99 $9.74
AZ-900, AI-900, KCNA Practice Exams $12.99 $9.74
AWS Foundational, Associate & Pro-Level Mock Exams $14.99 $11.24
AZ-104, AZ-305, AZ-400 & AZ-500 Mock Exams  $14.99 $11.24
AWS Specialty Practice Exams  $17.99 $13.49
AWS CCP Triple Bundle $29.97 $21.72
AWS Associate-Level Triple Bundle  $34.97 $24.97