English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 2h 17m | 3.13 GB
AWS Account Setup Best Practices LiveLessons identifies best practices and good guidance that can be applied to existing accounts, including account creation and management, from single- to multi-account organizations. The goal is to provide possible strategies to cut overhead and have seamless account functionality. It discusses how to keep track of billing across diverse architectures using metadata tags; introduces good data security practices and account monitoring strategies that can be used to improve awareness of account activities; and covers recent AWS offerings that consolidate and automate tasks such as account security, account management, and backups. The course closes with pointers toward other AWS and non-AWS tools that can be used to make your life easier and more cost-efficient.
The inspiration for this course came from the realization that there isn’t a targeted discussion around what happens when you’ve already used AWS for a period of time, and realize you didn’t start with a detailed strategy in place. With Chad Smith’s lengthy background in AWS, along with numerous video courses, including the “AWS Certified Security – Specialist Complete Video Course,” he is uniquely positioned to guide you through streamlining your AWS management.
Learn How To
- Set up the root account and know when to use it
- Use access control policies
- Understand monitoring and its impact on billing
- Use CloudWatch and set up billing alarms
- Use tags and implement compliance features
- Use data protection mechanisms in AWS
- Use CloudTrail, GuardDuty, and Macie for monitoring
- Use Control Tower, Security Hub, and AWS Backup to reduce overhead
Lesson 1, “Securing AWS Account Access,” covers the basics of account creation, including the root account and when to use it and access control using policies. You will see a demonstration using AWS Organizations and IAM resources within a newly created account.
Lesson 2, ” Implementing Billing Alarms and Budgets,” discusses monitoring and how it applies to the AWS monthly bill. The CloudWatch service is introduced, along with how to create billing alarms and budgets, followed by a demonstration of each.
Lesson 3, “Tagging Resources with Compliance Checks,” goes over tagging strategies in AWS and how this relates to compliance monitoring. Different services that create tags automatically on the resources they provision are discussed, and the lesson finishes with a demonstration of tagging compliance controls.
Lesson 4, “Protecting Data In-Transit and At-Rest,” details different types of data protection mechanisms in AWS. Services that implement encryption at-rest, both by default as an option are covered, along with encryption in-transit using services and networking features. The lesson then goes into data protection compliance controls and finishes with a demonstration of how to use some of these features in a real-world setting.
Lesson 5, “Monitoring Your AWS Account Activity,” covers account activity audits and how to turn this into actual monitoring. CloudTrail is introduced, as well as the AWS account Event bus, which can be used to funnel events to different services or consolidate events across accounts. This lesson also covers both GuardDuty and Macie as built-in services monitoring activity for abnormal behavior. The lesson ends with a demonstration of how to enable and configure both of these services.
Lesson 6, “Simplifying Account and Infrastructure Management,” dives into recently released offerings that can greatly reduce the overhead of managing accounts and resources. It starts with Control Tower and discusses how it can be used to manage multi-account configurations. Next, it covers Security Hub and its features for consolidating security monitoring. After that, AWS Backup and how it can be used to manage backup processes and lifecycles is discussed, and the lesson finishes with demonstrations of Security Hub and the creation of backup plans.
Lesson 7, “Helpful Resources,” provides some direction on other tools that can be used to automate activities in AWS. It recommends some reading material in the form of AWS whitepapers that can provide guidance and explain some of these best practices in more detail.
01 AWS Account Setup Best Practices LiveLessons (Video Training) – Introduction
02 Learning objectives
03 1.1 AWS Account Basics
04 1.2 Root Account
05 1.3 Permission Types
06 1.4 Demo – AWS Organizations
07 1.5 Demo – Account Access and Permissions
08 Learning objectives
09 2.1 CloudWatch Introduction
10 2.2 Monitoring Infrastructure Costs
11 2.3 Demo – Billing Alarms and Budgets
12 Learning objectives
13 3.1 Tagging Strategies
14 3.2 Applying Tags Automatically
15 3.3 Demo – Tagging Compliance Controls
16 Learning objectives
17 4.1 Encryption at Rest
18 4.2 Encryption in Transit
19 4.3 Implementing Compliance
20 4.4 Demo – Data Protection Compliance Controls
21 Learning objectives
22 5.1 CloudTrail
23 5.2 AWS Acount Event Bus
24 5.3 GuardDuty and Macie
25 5.4 Demo – Enable and Configure GuardDuty_Macie
26 Learning objectives
27 6.1 AWS Control Tower
28 6.2 AWS Security Hub
29 6.3 AWS Backups
30 6.4 Demo – Enable and Use AWS Security Hub
31 6.5 Demo – Create Backup Plans with AWS Backup
32 Learning objectives
33 7.1 AWS Automation Tools
34 7.2 Other Tools
35 7.3 Whitepapers
36 AWS Account Setup Best Practices LiveLessons (Video Training) – Summary