/cloud-network-security

Creative Commons Zero v1.0 UniversalCC0-1.0

Cloud Network Security

Welcome to my Cloud Network Security 2-day course!

Who is this course intended for?

  • People in tech using AWS who want to understand more about how apps are architected at the network level
  • Security specialists who would like to increase their exposure to security in the cloud
  • Anyone planning to sit an associate level AWS exam who'd like an indepth understanding of VPCs, subnets, route tables etc
  • Aspiring cloud architects who are looking for a basic introduction to cloud networking
  • People keen to get their hands dirty in the AWS console, via cloudformation and the AWS CLI (this is a practical course)

Who is this NOT intended for?

  • People who are looking for a Cloud 101 or "Why should you migrate to the cloud?" course
  • Developers looking for ways to make their code more secure - this is important, but not in the scope of this course
  • This will not teach you how to find misconfigured s3 buckets and exposed keys, there's plenty of courses out there on this

What do you need to complete this course?

  • This course requires you to have the following:

    • An AWS account that you are authorised to deploy resources to
    • A laptop
    • Installation of the AWS CLI
    • An IDE/text editor (I use VS Code)
    • Dollars^ - the resources deployed in this course cost money, which is good to know!

    ^ Participants in this course will be given a $50 voucher, as long as resources are removed from their account at the end of the training, then this will be more than enough. Bill shock incurs when you keep resources running.

How will this course be delivered?

I'd like to strike a balance between theory and practical. Practical with no theory and you have no concept of the WHY behind things. Theory without the practical is a total snooze fest.

As this deals with a lot of networking concepts, I've included as much visual guides as possible so we don't get lost or we feel like we're reading a white paper.

What can I expect to be covered in this course?

Turns out, a secure cloud network is really just 'good networking'. This is not meant to act as an expert guide to be applied in your enterprise workplace. You can expect an introduction to what resources help secure your cloud network and how to use them.

I'll cover some of the key parts of what makes a cloud network secure. I hope participants will leave the course with a solid introduction to some of the concepts to be expanded on and applied in different networking ecosystems.

Here's a list of the AWS resources we'll be going over:

  • IAM*
  • EC2*
  • VPCs including Route Tables, NAT Gateways, Internet Gateways*****
  • Subnets*****
  • WAFv2 (as opposed to the classic WAF)*****
  • Cloudfront***
  • Application Load Balancer***
  • AWS Certificate Manager****
  • Route53***
  • Systems Manager (specifically Session Manager)**

Here's a list of some of the networking concepts we'll be covering:

  • CIDR**
  • Subnetting**
  • OSI Model*
  • SSL/TLS and HTTPS*****

****'s indicate how much depth we'll be going into that topic. The more stars, the more we're going to cover.