AWS Security & Identity Services

AWS Resource Access Manager

2023-06-20T19:26:33+00:00

AWS Resource Access Manager Cheat Sheet: A service that enables you to easily and securely share AWS resources with any AWS account or, if you are part of AWS Organizations, with Organizational Units (OUs) or your entire Organization. If you share resources with accounts that are outside of your Organization, then those accounts will receive an invitation to the Resource Share and can start using the shared resources upon accepting the invitation. Only the master account can enable sharing with AWS Organizations. The organization must be enabled for all features. RAM eliminates the need to create duplicate resources in multiple [...]

AWS Certificate Manager

2024-02-19T06:29:32+00:00

AWS Certificate Manager Cheat Sheet: A service that lets you easily provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks. ACM is integrated with the following services: Elastic Load Balancing; Amazon CloudFront - To use an [...]

Using the Secure String Parameter in Systems Manager Parameter Store

2023-06-07T04:22:19+00:00

What is AWS Systems Manager Parameter Store? AWS Systems Manager Parameter Store helps you securely store and share key-value pairs across your AWS environment. It is one of the packages under AWS Systems Manager that helps you design a more robust and abstract infrastructure. With Parameter Store, you don’t have to hard-code parameters or save them in config files for application use. You can easily reference them in your applications and AWS resources using the unique Parameter Store key of those items. Parameter Store supports a lot of use cases, from saving unencrypted plaintext to more sensitive information such [...]

Amazon Cognito

2024-01-18T07:29:47+00:00

Amazon Cognito Cheat Sheet: A user management and authentication service that can be integrated with your web or mobile applications. Amazon Cognito also enables you to authenticate users through an external identity provider and provides temporary security credentials to access your app’s backend resources in AWS or any service behind Amazon API Gateway. Amazon Cognito works with external identity providers that support SAML or OpenID Connect, social identity providers (Facebook, Twitter, Amazon, Google, Apple) and you [...]

AWS Secrets Manager

2024-02-19T07:18:28+00:00

AWS Secrets Manager Cheat Sheet: A secret management service that enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Features: AWS Secrets Manager encrypts secrets at rest using encryption keys that you own and store in AWS Key Management Service [customer managed keys]. When you retrieve a secret, Secrets Manager decrypts the secret and transmits it securely over TLS to your local environment. You can rotate secrets on a schedule [...]

AWS Security Hub

2024-01-18T07:46:24+00:00

AWS Security Hub Cheat Sheet: AWS Security Hub provides a comprehensive view of your security state within AWS and your compliance with security industry standards and best practices. Features: You now have a single place that aggregates, organizes, and prioritizes your security alerts, or findings, across multiple accounts, AWS partner tools, and AWS services such as Amazon GuardDuty, Amazon Inspector, Amazon Macie, AWS IAM Access Analyzer, AWS Firewall Manager, and AWS Audit Manager. AWS Security Hub works with AWS Organizations to simplify security posture management across [...]

Amazon GuardDuty

2023-07-11T03:22:09+00:00

Amazon GuardDuty Cheat Sheet: An intelligent threat detection service. It analyzes billions of events across your AWS accounts from AWS CloudTrail (AWS user and API activity in your accounts), Amazon VPC Flow Logs (network traffic data), and DNS Logs (name query patterns). How It Works: GuardDuty is a regional service. Threat detection categories: Reconnaissance -- Activity suggesting reconnaissance by an attacker, such as unusual API activity, intra-VPC port scanning, unusual patterns of failed login requests, or [...]

AWS Artifact

2024-01-18T07:32:20+00:00

AWS Artifact Cheat Sheet: A self-service central repository of AWS’ security and compliance reports and select online agreements. An audit artifact is a piece of evidence that demonstrates that an organization is following a documented process or meeting a specific requirement (business compliant). AWS Artifact Reports include the following: ISO, Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications that validate the implementation and operating effectiveness of AWS security controls. AWS Artifact Agreements include: the Nondisclosure Agreement (NDA); the Business Associate Addendum (BAA), which typically is required for companies that are subject to the HIPAA Act to [...]

Amazon Macie

2024-01-18T07:31:33+00:00

Amazon Macie Cheat Sheet: A security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Macie recognizes sensitive data such as personally identifiable information (PII) or intellectual property. Amazon Macie allows you to achieve the following: identify and protect various data types, including PII, PHI, regulatory documents, API keys, and secret keys; verify compliance with automated logs that allow for instant auditing; identify changes to policies and access control lists; receive notifications when data and account credentials leave protected zones; detect when large quantities of business-critical [...]

IP Blocking: Use AWS WAF or NACL?

2023-08-14T02:45:24+00:00

What should you do if you identified a series of malicious attacks on your application coming from a specific IP address? Will you use AWS WAF to block that IP address or create a rule in your Network Access Control List to deny traffic from that IP? It is true that AWS WAF can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, to block common attack patterns, such as SQL injection or cross-site scripting. NACL, on the other hand, acts like a firewall for controlling traffic in and out of your subnets. If the [...]
