Learn the best practices for IAM objects.
- [Instructor] There are a large number…of IAM best practices but I…pulled together my favorites here.…Don't share your AWS login credentials…for users or services, particular check on this…for your developers, everybody should have…their own credentials and services…such as EC2 should actually use rolls rather than users.…Use least privilege and policy conditions…and restrictions in production.…Enable MFA for highly privileged users,…so your admin users in particular in root.…No one would be logging in with a root account…in a product environment, absolutely no one.…
Turn on auditing for key users.…We're going to look at auditing in general…later in this course, but just to preview it,…we'll be using cloud trail for auditing.…You can use federated login, this is really a best practice.…I've seen this a federated with Active Directory…and so the idea there is you've got some sort…of matching through a directory…or even you can use external certificates…so you have single sign on, which actually is great…because it's less administrative overhead…
- Security and governance approaches
- Service cost predictability
- Protecting data in-flight and at-rest
- IAM best practices
- Security via AWS Inspector, AWS Trusted Advisor, and AWS KMS
- Console tools for cost control
- Total service costs for AWS
- Using the AWS billing dashboard
- Third-party security and governance tools
- Approaches to security and cost control
Skill Level Advanced
1. Security and Governance Approaches
2. Security and Governance for Services
3. AWS Tools for Security and Governance
4. Advanced and Third-Party Tools
Next steps1m 13s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.