Time
27 minutes
Difficulty
Intermediate
CEU/CPE
1

Video Transcription

00:00
All right, so in this lecture, we're gonna talk about security fundamentals.
00:04
Always finds to be a helpful lecture. One reviewing kind of the ideas behind I am. Ah. So we're gonna go ahead and die of fright. And so when we're dealing with cloud security,
00:15
ah, the same principles that we deal with in for a sec are gonna be, you know, applied here in cloud security as well. So we're gonna be using confidentiality integrity, availability has the pillars
00:26
for our purpose and trying to secure a cloud environment. Um, and we're gonna be talking a little bit about how all these apply at later in this lecture.
00:37
So I want you to keep that in mind. Here's a funny little joke. Ah, that I found online. You can't fall for phishing scams if you don't check your e mail. Ha ha ha.
00:46
But we all know that's not possible because you need to check your email. So,
00:51
um, you know, it's ah, funny, funny to think that way, but, you know, things have to stay accessible. You start to be able to function and use them, and your people need to be able to use them and they need to be trained on how to do so. But your environment also needs to be designs redundantly.
01:08
Your environment needs to be designed with integrity and confidentially confidentiality in line. In order for your
01:15
infrastructure and your applications to stay secure, the other core pillars they want to keep in mind. When you're dealing with Claude security are your authentication authorization auditing. So I am gonna be your authentication authorizations. Gonna be your policies basically allowing who access to what?
01:32
And auditing which will be your cloudtrail.
01:36
Ah, tool, which is gonna be monitoring all the activity for They're all users and all the service is in your AWS account.
01:44
Um and you know, that's that's something that you can access through co tro. We don't talk a whole lot about Chlo Trail on this course because this is more focused on I am in the policies. But ah, I do encourage you to review my other courses, which I do talk about Quatro and review the documentation for more information.
02:01
So as far as the C I A Triad goes, here's a little diagram I found online
02:08
and I want to talk a little bit about the service's and kind of where they fall. So I am. And you're multi factor authentication are gonna fall within the confidentiality. So this is going to protect your route accounts is gonna protect your other user accounts and protect all the power you know the almighty being for your roots.
02:28
Ah, a dubious account and
02:30
limiting access to only with necessary with the little the little or ah accounts that you know you may be distributing to your users and your team's on eight of us
02:45
availability will be your auto scaling and your availability zones. Availability zones are, you know, kind of like part of the geographical regions. Um, they're they're they're segments within a region in which the service's will be access so you might spend a penny, see two instance and a specific availability zone,
03:02
and in order for you to stay how they available, you might want to spend another
03:06
easy to winces at a different availability zone and clone them that way. If one fails, you can always spend up, or you can always point to the traffic, too.
03:15
The other one in the other availability zone and then auto scaling kind of allows you to Ah, do that. You can just kind of scale up. According Thio, Whatever your needs are, if you're if you're just dealing with, you know, lots of traffic, then you can spend it more instances and spend them out across
03:36
globally. So you don't have to have in a long once one place geographically, but you can have it all across the world,
03:40
and then the integrity would be your bucket policies. Also I am and your certificate manager, which we're gonna talk a little bit more about that. So most of the focus will be on confidential confidentiality and integrity for this course. So let's go ahead and continue on and dive right into this. I'll see you guys in the next lecture.

Up Next

Identity Access Management in AWS

In this course, students will learn feature details of AWS IAM and gain an understanding of IAM relationships with other AWS services.

Instructed By

Instructor Profile Image
Nicolas Moy
Senior Cloud Security Engineer
Instructor