This course will examine how cryptography and PKI (public key infrastructure) provide data confidentiality and security in the cloud to ensure that only authorized parties can view sensitive information and be confident of its source. PKI is a hierarchy of digital security certificates that are issued and managed by CAs (certificate authorities). You will learn how to use both PKIs and private CAs and how Amazon's KMS (Key Management Service) facilitates the use of keys. You will learn how to create a KMS key and how to enable EBS (Elastic Block Store) volume encryption. This course examines how KMS supports FIPS (Federal Information Processing Standard) 140-2, and is compliant with HSMs (hardware security modules). Finally, you will learn how to deploy a private CA to issue PKI certificates, request a public certificate and use a DNS (data name source) validation, and use a certificate to enable an application load balancer HTTPS (hypertext transfer protocol service) listener. This course can be used in preparation for the AWS Certified Solutions Architect-Professional SAP-C01 certification exam.
AWS Professional Solutions Architect 2020: Cryptography & PKI