AWS Developer Associate: AWS Security & Encryption


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

To ensure data and applications on the AWS cloud are secure, AWS developers require a sound understanding of which tools and services to use in a given situation and how to use them.

In this course, you’ll begin by exploring how encryption is used to protect data and how the Key Management Service (KMS) is used to manage and control access keys. You’ll then use the KMS console and the AWS CLI to create a customer master key (CMK). Next, you’ll create secure string parameters using the AWS Systems Manager Parameter Store. You’ll then examine the Security Token Service (STS) in AWS and how it is used to obtain temporary restricted-privilege credentials for AWS IAM users. Lastly, you’ll work with encryption configurations to manage and monitor encryption requirements using encryption headers.



Expected Duration (hours)
1.3

Lesson Objectives

AWS Developer Associate: AWS Security & Encryption

  • discover the key concepts covered in this course
  • outline how encryption is used to protect data
  • describe how Key Management Service (KMS) is used to manage keys on AWS
  • recall how to control access keys on AWS
  • create a customer-managed key (CMK) in the KMS console
  • manage access to CMKs through key and IAM policies
  • encrypt and decrypt data using a CMK and the AWS CLI
  • use a CMK to encrypt and decrypt secret data to be used by a Lambda function
  • create secure string parameters with AWS Systems Manager (SSM) Parameter Store
  • manage secrets using AWS Secrets Manager
  • encrypt CloudWatch logs using KMS
  • relate how to obtain temporary restricted-privilege credentials for AWS IAM users
  • summarize the key concepts covered in this course

    • Course Number:
    it_clawsda2020_15_enus

    Expertise Level
    Intermediate