Ends in
00
days
00
hrs
00
mins
00
secs
ENROLL NOW

🚀 Get 20% OFF All Azure Products Today — Azure Super Sale!

AWS Security & Identity Services

Home » AWS Cheat Sheets » AWS Security & Identity Services » Page 3

AWS Secrets Manager

2025-12-28T15:50:48+00:00

Bookmarks Features How Secret Rotation Works Security Compliance Pricing Validate Your Knowledge AWS Secrets Manager Cheat Sheet AWS Secrets Manager is a secret management service that enables you to securely rotate, manage, and retrieve database credentials, API keys, OAuth tokens, and other secrets throughout their lifecycle. It eliminates the need to hard-code credentials in applications and improves security posture. Features Encryption & Secure Transmission: Secrets are encrypted at rest using AWS KMS keys (customer-managed or default) and transmitted securely over TLS. Secret Rotation: Rotate secrets on schedule or on demand via [...]

AWS Secrets Manager2025-12-28T15:50:48+00:00

AWS Security Hub

2025-12-28T16:10:04+00:00

Bookmarks Features How It Works Concepts Pricing AWS Security Hub Cheat Sheet AWS Security Hub provides a comprehensive view of your security posture across AWS accounts by aggregating, organizing, and prioritizing security findings from AWS services, AWS partner tools, and automated compliance checks. It helps evaluate compliance with industry standards and best practices. Features Centralized Security Findings Aggregates security alerts (findings) across AWS services such as: Amazon GuardDuty Amazon Inspector Amazon Macie AWS IAM Access Analyzer AWS Firewall Manager AWS Audit Manager Integrated AWS Partner security solutions Multi-Account Support via AWS Organizations Integrates [...]

AWS Security Hub2025-12-28T16:10:04+00:00

Amazon GuardDuty

2026-02-18T02:33:55+00:00

Bookmarks How It Works GuardDuty Findings Trusted IP Lists and Threat Lists Pricing Validate Your Knowledge Amazon GuardDuty Cheat Sheet Amazon GuardDuty is an intelligent threat detection service that analyzes billions of events across your AWS accounts from: AWS CloudTrail (user and API activity) Amazon VPC Flow Logs (network traffic) DNS Logs (name query patterns) Features UnauthorizedAccess: Detects API calls from external hosts using Lambda-created temporary credentials. Extended Threat Detection: Detects multi-stage attacks (EC2/ECS/EKS sequences). Runtime Monitoring Updates: Monitors latest agent versions for EC2, ECS, EKS-Fargate. Malware Protection for Backup: Scans EBS [...]

Amazon GuardDuty2026-02-18T02:33:55+00:00

AWS Artifact

2025-12-26T19:06:37+00:00

AWS Artifact Cheat Sheet AWS Artifact is a legally binding, self-service portal that provides on-demand access to AWS’ compliance reports and select online agreements. It serves as your central repository for audit artifacts, allowing you to demonstrate to auditors or regulators that your AWS infrastructure meets specific security and compliance standards. Overview & Key Capabilities Central Compliance Repository: A single location to download audit artifacts and manage agreements. Audit Artifacts: Evidence (reports, certifications) that validates AWS security controls are effective and compliant. Legal Agreements: Review, accept, and manage contracts like the Business Associate Addendum (BAA) for HIPAA. Third-Party Visibility: Access [...]

AWS Artifact2025-12-26T19:06:37+00:00

Amazon Macie

2025-12-26T19:02:19+00:00

Bookmarks Concepts Pricing Amazon Macie Cheat Sheet Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in Amazon S3. Primary Focus: S3 Bucket security posture (Encryption/Public Access) and Sensitive Data Discovery (PII, PHI, Credentials). Legacy Note: Macie Classic features (CloudTrail anomaly detection, user behavior analytics) have been removed. Use Amazon GuardDuty for threat detection and AWS CloudTrail Insights for anomaly detection. Features Automated Sensitive Data Discovery Continuous sampling of S3 objects to detect sensitive data. Interactive heatmap showing [...]

Amazon Macie2025-12-26T19:02:19+00:00

IP Blocking: Use AWS WAF or NACL?

2023-08-14T02:45:24+00:00

What should you do if you identified a series of malicious attacks on your application coming from a specific IP address? Will you use AWS WAF to block that IP address or create a rule in your Network Access Control List to deny traffic from that IP? It is true that AWS WAF can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, to block common attack patterns, such as SQL injection or cross-site scripting. NACL, on the other hand, acts like a firewall for controlling traffic in and out of your subnets. If the [...]

IP Blocking: Use AWS WAF or NACL?2023-08-14T02:45:24+00:00

AWS Directory Service

2025-12-28T09:47:31+00:00

Bookmarks Concepts Active Directory Schema Features Security and Monitoring Pricing Active Directory Connector Simple AD Amazon Cloud Directory AWS Directory Service Cheat Sheet For Microsoft Active Directory AWS Directory Service provides multiple ways to use Microsoft Active Directory (AD) or other directory structures with AWS services. It allows your directory-aware workloads (like EC2 instances, RDS for SQL Server, and WorkSpaces) to use managed Active Directory in the AWS Cloud. Concepts Managed Infrastructure: AWS creates two Domain Controllers (DCs) in two different subnets (AZs) within your VPC. Note: You do [...]

AWS Directory Service2025-12-28T09:47:31+00:00

Amazon Inspector

2025-12-26T18:49:48+00:00

Bookmarks Features Concepts Rules Packages and Rules Assessment Reports Pricing Amazon Inspector Cheat Sheet Amazon Inspector is an automated vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure. Legacy Note: This service replaces "Amazon Inspector Classic." Inspector Classic required manual scheduling and custom agents; the new Inspector is continuous, automated, and integrated with AWS Organizations. Key Capabilities Continuous Scanning: Automatically detects and scans new resources; rescans whenever changes occur (new software, new CVEs, infrastructure changes). Multi-Resource Coverage: Scans Amazon EC2, Amazon ECR container images, AWS Lambda [...]

Amazon Inspector2025-12-26T18:49:48+00:00

AWS Key Management Service (AWS KMS)

2025-12-28T11:48:45+00:00

Bookmarks Features Concepts Importing Keys Deleting Keys Pricing Validate Your Knowledge AWS KMS Cheat Sheet A managed service that enables you to easily encrypt your data. KMS provides a highly available key storage, management, and auditing solution for you to encrypt data within your own applications and control the encryption of stored data across AWS services. Features AWS KMS is integrated with CloudTrail, which provides you the ability to audit who used which keys, on which resources, and when. AWS KMS keys are used to control access to data encryption keys [...]

AWS Key Management Service (AWS KMS)2025-12-28T11:48:45+00:00

AWS Organizations

2025-12-28T13:27:46+00:00

Bookmarks Features Administrative Actions in Organization Concepts Pricing Validate Your Knowledge AWS Organizations Cheat Sheet AWS Organizations is a management service that enables centralized governance of multiple AWS accounts. It supports policy-based controls, consolidated billing, hierarchical account management, and organization-wide governance. Key Terms Organization: A collection of AWS accounts managed centrally. Management Account: Main account that creates and administers the organization; acts as the payer account. Member Account: Any account (besides the management account) that is part of an organization. Administrative Root: Top container in the organization’s hierarchy; all OUs and accounts [...]

AWS Organizations2025-12-28T13:27:46+00:00

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Upskill and earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!