Learn about CloudTrail, a facility within AWS for logging API calls. Learn that AWS is built on a set of microservices which are presented as APIs, and that you can interact with AWS APIs from a number of programming languages including Java, Microsoft .NET, Ruby, Python, and PHP. Learn about the AWS Command Line Interface (CLI) and Web Console that uses these APIs. Learn exactly how to turn on CloudTrail within your AWS account, including the creation of an S3 bucket in which to store logs
- [Narrator] CloudTrail is a service within AWS…that provides comprehensive API login capabilities.…Let's explore what CloudTrail is, what it can do for you,…and how to get it configured.…AWS famously uses application programming interfaces,…or APIs as the foundational internal communication protocol.…APIs provide a consistent way to interact with AWS services…from a variety of different sources.…For instance, suppose you want to interact programmatically…with Elastic Compute Cloud or EC2 instances.…
EC2 instances are virtual servers running in AWS.…AWS provides software development kits, or SDKs,…for a variety of popular programming languages including…Java, Microsoft .NET,…Ruby, Python, and PHP to name a few.…Under the covers, all of these SDKs…use the same back-end API to interact with EC2.…Even better, AWS's user facing tools…including the AWS command line interface, or CLI,…and the Amazon web service's web Console,…both use the same back-end API to communicate with EC2.…
This is where CloudTrail comes in.…
Sharif Nijim couples pragmatic advice with practical examples that educate IT pros on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts, including users, groups, roles, and policies. Learn how to configure Identity and Access Manager (IAM) and Simple Storage Service (S3) access management, including policies and access control lists. At the end of the course, Sharif helps you prepare for the inevitable audit of your AWS account(s).
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
- Summarize the AWS Shared Responsibility Model.
- Recall how to implement separation of duties.
- Differentiate between assigning permissions to an individual versus a group.
- Summarize how to create IAM roles.
- Describe how to secure financial access.
- Recall the steps for managing access to S3 with IAM.
- Cite the advantages of a pre-signed URL.