Implementing Mechanisms to Enforce Multi-Account Security in AWS - Introduction
This course looks at how to implement mechanisms to enforce multi-account security in AWS. As your organization develops, expands, and continues to build more and more solutions, it won't be too long before the need to implement multiple accounts arises. Running multiple accounts brings many benefits, but also some challenges as well. One of those challenges is how to implement, manage and monitor your resources for security threats, vulnerabilities and weaknesses, both effectively and in a centralized manner for ease of operational support.
This course will look at how to implement controls to resolve this challenge by analyzing some of the AWS services and features available to help you implement refined security controls across all of your accounts.
Intended Audience
The lessons within this course are recommended for those that already have a foundational understanding of AWS and security, in addition to a working knowledge of some of the AWS security services. If you are new to many of the services discussed in this course, then we do have a supporting course entitled AWS security services which provides a deep dive into many of these services.
Learning objectives
By the end of this course, you will have the knowledge and understanding
- Of the core principles of cross-account access using IAM, as well as have the knowledge of how to implement and configure it within your own AWS accounts
- To share your CMKs used within the AWS Key Management Service service across each of your AWS accounts, allowing you to implement encryption using the same keys
- To implement, manage and monitor your own Amazon GuardDuty findings across your own accounts through the analysis of AWS CloudTrail event logs, VPC flow logs, and DNS logs
- To implement the sharing of resources between different AWS accounts using AWS Resource Access Manager
Feedback
If you have any questions, thoughts or ideas for content to be added, then please get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com.