Implementing IAM Security in AWS
2 H 44 M
- Episode Description
WEBVTT >> Welcome and thanks for joining us for the overview to Implementing IAM Security in AWS. This is going to be a fun course, relatively short, but it'll be a lot of good material. I'm going to be your host for this course, Sophie Goodwin. I'll be asking questions along the way that you might have at home, and acting as a learner advocate to ask questions that you've got. I also have been hosting other security courses here on the site, like Intro to AWS Pentesting, which was about a year ago. And then I recently got my first cybersecurity certification. So learning a lot more about cyber, dipping my toe into that field, and you're in good hands. But with me is our subject matter expert, Jill West. She's got a lot more experience in AWS than I do. So Jill, tell us a little bit about yourself. >> Congrats again on your first certification. That's really exciting. Great start. So my name is Jill West. My background is actually in education. I've taught everything from kindergarten through higher education in various learning environments and using various teaching approaches. And then I started migrating into IT about years ago. I started writing textbooks for Cengage, started with the CompTIA A Plus course, and then I transferred over to the CompTIA Network Plus course, which I still write for Cengage. Then we added the CompTIA Cloud Plus course a few years ago. So we had the first edition. We've already got the second edition that's out. And we're already talking about the third edition. So this is really exciting. This is where I started learning about AWS, was writing that particular course. And I just got to say that this is a really fascinating time to be in IT. I also teach at a technical college in Georgia. So we are having to reinvent how we teach IT in higher ed. Cloud is the way that we do IT now. And that was not the way we were doing IT when a lot of us were learning about IT in school. So now we're having to reinvent how we teach it. How can we incorporate cloud concepts and cloud principles in everything? Pretty much all of our classes, it gets into all of it. It's not just any one particular course. We have to incorporate cloud everywhere. So that's kind of where we're at right now with my background and why I'm excited about this course. So >> one of the exams that you might be looking to take that we'll mention throughout this course is that AWS Security Specialty exam. So if you are looking to take that, this is one of the modules you'll want to watch. But other than that, what is kind of the target audience for this course as far as experience level and things like that? >> Right. So AWS recommends that anyone who would be taking this exam needs to have at least five years experience working in cybersecurity. So you've been securing on-prem environments. Maybe you've worked in a few other cloud environments, something like that, designing and implementing security solutions. And then they also recommend that you've had at the very least two years of hands-on experience securing workloads in AWS. So this would not be two years from when you created your first AWS account. This is two years of actually working to design and secure the security systems for designing and for security, if I can say that right. This is two years of securing workloads in AWS and helping to design those systems, get it all out there right. Right. It's not just about having two years experience, being aware of AWS and having an account. It's about actually using this stuff. Right. It's not from creating an EC2 instance. It's how do I secure these instances? How do I secure containers? All of that. >> So one of the things that we're probably going to be talking about here in this course is there is a big difference a lot of times between on-prem security and cloud security. And AWS is of course the cloud. So we're going to be talking a little bit more about that in this course, right? >> Right. So a cloud native approach to cybersecurity is heavily emphasized on identity-based security. Having a strong identity foundation for your cloud access control, that's really where it's at with cloud security. In the on-prem environment, we think about the perimeter and what's outside is bad and what's inside is most likely good. And then in the cloud, you can't think that way because we don't have that type of perimeter. Instead, we control access to each individual resource and service through identity-based access control. So this course or this module is covering IAM, identity and access management and all of the different policies that you can use, all the different ways that different pieces and parts overlap each other, how you can control access, not just by your human users, but also by your services and your own resources, >> how much access they have to each other. We'll talk about policies, federation and SSO and things like that. We've got a lot of neat topics and important stuff that we're going to cover in this course. So we're looking forward to having you join us for that. But for now, thank you for kind of giving us an overview as to what we're going to get into. And thank you for joining us for this overview into implementing IAM security in AWS. We'll see you in the course.