Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

🧑‍💻 AWS Foundation Sale - Certified Cloud & AI Practitioner Mock Exams for only $12.99 each!

AWS Security & Identity Services

Home » AWS Cheat Sheets » AWS Security & Identity Services » Page 2

AWS KMS Key Policy Management in AWS KMS

2024-07-11T12:32:27+00:00

What is an AWS KMS key? In security, a KMS key is what you use to encrypt all other encryption keys in your system. KMS key is a logical representation of a cryptographic key. They are the primary resources in AWS KMS. The AWS KMS Key contains the key material used to encrypt and decrypt data. It also contains metadata such as the key ID, creation date, description, and key state. You can start using AWS KMS through the web console or via API. There are two types of AWS KMS keys that you can create in AWS KMS: symmetric [...]

AWS KMS Key Policy Management in AWS KMS2024-07-11T12:32:27+00:00

Working with AWS KMS key using the AWS KMS API

2024-07-11T09:28:47+00:00

What is AWS Key Management Service? AWS Key Management Service (or KMS for short) is the service you use to securely store your encryption keys in AWS. If you need data encryption on your AWS resources, such as EBS volumes or RDS databases, you can use AWS KMS to simplify the process for you. You start using the service by requesting the creation of a KMS key. By default, AWS KMS creates the key material for your KMS key. You also have the option of importing your own keys to AWS if you wish to. Note that during key rotation, [...]

Working with AWS KMS key using the AWS KMS API2024-07-11T09:28:47+00:00

AWS Resource Access Manager

2025-12-28T15:41:56+00:00

AWS Resource Access Manager Cheat Sheet AWS Resource Access Manager (AWS RAM) is a service that allows you to securely share AWS resources across accounts, organizational units (OUs), or your entire AWS Organization. It eliminates the need to duplicate resources in multiple accounts, simplifying management and maintaining security and consistency. Only the master account can enable sharing with AWS Organizations. The organization must be enabled for all features. RAM eliminates the need to create duplicate resources in multiple accounts. You can create resources centrally in a multi-account environment, and use RAM to share those resources across accounts in three simple [...]

AWS Resource Access Manager2025-12-28T15:41:56+00:00

AWS Certificate Manager

2025-12-26T19:30:21+00:00

Bookmarks Concepts Types of Certificates For Use With ACM ACM Private Certificate Authority Domain Verification for Certificates Pricing Validate Your Knowledge AWS Certificate Manager Cheat Sheet AWS Certificate Manager (ACM) is a service that lets you easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services. It removes the manual process of purchasing, uploading, and renewing certificates. Public Certificates (Free): Secure public-facing websites (e.g., www.example.com). These are trusted by browsers by default. Private Certificates (Paid): Secure internal resources (e.g., database servers, internal APIs, IoT devices) within [...]

AWS Certificate Manager2025-12-26T19:30:21+00:00

Using the Secure String Parameter in Systems Manager Parameter Store

2024-07-10T08:42:49+00:00

What is AWS Systems Manager Parameter Store AWS Systems Manager Parameter Store helps you securely store and share key-value pairs across your AWS environment. It is one of the packages under AWS Systems Manager that helps you design a more robust and abstract infrastructure. With Parameter Store, you don’t have to hard code parameters nor save them in config files for application use. You can easily reference them in your applications and AWS resources using the unique parameter store key of those items.  Parameter Store supports a lot of use cases, from saving unencrypted plaintext to more sensitive information such [...]

Using the Secure String Parameter in Systems Manager Parameter Store2024-07-10T08:42:49+00:00

Amazon Cognito

2025-12-26T17:29:18+00:00

How It Works User Pools Identity Pools Common Use Cases Pricing Validate Your Knowledge Amazon Cognito Cheat Sheet A user management and authentication service that can be integrated into your web or mobile applications. Amazon Cognito enables authentication through external identity providers and provides temporary AWS credentials to access your app’s backend resources or any service behind Amazon API Gateway. It supports SAML, OpenID Connect (OIDC), and social identity providers (Facebook, Twitter, Amazon, Google, Apple, Microsoft, LinkedIn), as well as your own identity provider. All Cognito ID tokens are represented as JSON [...]

Amazon Cognito2025-12-26T17:29:18+00:00

AWS Secrets Manager

2025-12-28T15:50:48+00:00

Bookmarks Features How Secret Rotation Works Security Compliance Pricing Validate Your Knowledge AWS Secrets Manager Cheat Sheet AWS Secrets Manager is a secret management service that enables you to securely rotate, manage, and retrieve database credentials, API keys, OAuth tokens, and other secrets throughout their lifecycle. It eliminates the need to hard-code credentials in applications and improves security posture. Features Encryption & Secure Transmission: Secrets are encrypted at rest using AWS KMS keys (customer-managed or default) and transmitted securely over TLS. Secret Rotation: Rotate secrets on schedule or on demand via [...]

AWS Secrets Manager2025-12-28T15:50:48+00:00

AWS Security Hub

2025-12-28T16:10:04+00:00

Bookmarks Features How It Works Concepts Pricing AWS Security Hub Cheat Sheet AWS Security Hub provides a comprehensive view of your security posture across AWS accounts by aggregating, organizing, and prioritizing security findings from AWS services, AWS partner tools, and automated compliance checks. It helps evaluate compliance with industry standards and best practices. Features Centralized Security Findings Aggregates security alerts (findings) across AWS services such as: Amazon GuardDuty Amazon Inspector Amazon Macie AWS IAM Access Analyzer AWS Firewall Manager AWS Audit Manager Integrated AWS Partner security solutions Multi-Account Support via AWS Organizations Integrates [...]

AWS Security Hub2025-12-28T16:10:04+00:00

Amazon GuardDuty

2025-12-26T18:35:43+00:00

Bookmarks How It Works GuardDuty Findings Trusted IP Lists and Threat Lists Pricing Validate Your Knowledge Amazon GuardDuty Cheat Sheet Amazon GuardDuty is an intelligent threat detection service that analyzes billions of events across your AWS accounts from: AWS CloudTrail (user and API activity) Amazon VPC Flow Logs (network traffic) DNS Logs (name query patterns) Features UnauthorizedAccess: Detects API calls from external hosts using Lambda-created temporary credentials. Extended Threat Detection: Detects multi-stage attacks (EC2/ECS/EKS sequences). Runtime Monitoring Updates: Monitors latest agent versions for EC2, ECS, EKS-Fargate. Malware Protection for Backup: Scans EBS [...]

Amazon GuardDuty2025-12-26T18:35:43+00:00

AWS Artifact

2025-12-26T19:06:37+00:00

AWS Artifact Cheat Sheet AWS Artifact is a legally binding, self-service portal that provides on-demand access to AWS’ compliance reports and select online agreements. It serves as your central repository for audit artifacts, allowing you to demonstrate to auditors or regulators that your AWS infrastructure meets specific security and compliance standards. Overview & Key Capabilities Central Compliance Repository: A single location to download audit artifacts and manage agreements. Audit Artifacts: Evidence (reports, certifications) that validates AWS security controls are effective and compliant. Legal Agreements: Review, accept, and manage contracts like the Business Associate Addendum (BAA) for HIPAA. Third-Party Visibility: Access [...]

AWS Artifact2025-12-26T19:06:37+00:00

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Upskill and earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!