Summary and Quiz

Revise and test your knowledge of AWS security services.

We'll cover the following

Summary
Test your knowledge

Let’s look at some key takeaways from this section and then we’ll put our learnings to a test by attempting a quiz.

Summary

Here’s a summary of the key takeaways from this section:

IAM: IAM (Identity and Access Management) is a security and management service that provides external entities with secure access to AWS services or resources within the AWS account. It takes care of both authentication and authorization.
IAM policy: An IAM policy is a JSON document that allows us to define the scope of permissions of the principal entities. There are six types of IAM policies:
- Identity-based policy
- Resource-based policy
- Permission boundary policy
- Session policy
- ACL
- SCP

The circumstances determine the type of IAM policy to be used.

IAM user: An IAM user is an IAM resource we can use to provide long-term AWS Management Console access to an external user. When using an AWS account for a longer period, the best practice is to create IAM user accounts for each operation unit. This helps us secure our root account and also prevents the user from performing any unwanted actions.
IAM roles: An IAM role is an IAM resource we can use to provide short-term AWS access to the requesting entity. IAM roles usually have both identity-based and resource-based policies attached to them that are used for authorization and authentication, respectively.
AWS Audit Manager: This service allows us to audit our AWS resources and simplifies how we manage and assess risk in compliance with industry standards. It automates the process of collecting evidence, allowing us to ensure the policies, activities, and procedures we have created are working as expected.
AWS Artifact: It is an AWS-managed repository of security and compliance reports and select online agreements. We can utilize these reports to demonstrate the compliance of our AWS infrastructure.

Get hands-on with 1400+ tech skills courses.

Introduction

AWS Fundamentals

AWS Core Services

Understanding AWS Compute Services — From Zero to Hero

Working with AWS S3 Cross-Region Replication

Getting Started with Virtual Private Cloud (VPC) in AWS

Fundamentals of AI and ML

AWS Pre-Build Machine Learning Models

Understanding Machine Learning Services on AWS—From Zero to Hero

Accelerate Code Development Using Amazon Q

Amazon SageMaker

Deploying a Machine Learning Model with Amazon SageMaker

Performing Automatic Hyperparameter Tuning in SageMaker

Fundamentals of Generative AI

Amazon Bedrock

Code Development Using Amazon Bedrock

Using Amazon Bedrock for Content Moderation

Retrieval-Augmented Generation (RAG) with Amazon Bedrock

Building a RAG Chatbot Using LangChain and Amazon Bedrock

Building Generative AI Workflows with Amazon Bedrock

AWS Security Services

Securing AWS Resources: Managing Access with IAM

Encrypting S3 Buckets and EBS Volumes Using KMS

Finding Vulnerabilities on EC2 Instances Using AWS Inspector

AWS Analytics Services

Getting Started with Amazon EMR

Getting Started with Amazon Redshift

Automating Data Processing with AWS Glue DataBrew

AWS Databases

Understanding AWS Database Options—From Zero to Hero

Achieving Ultra-Fast Performance Using Amazon MemoryDB for Redis

AWS Management and Governance

Analyzing S3 Data and CloudTrail Logs Using Amazon Athena

Getting to Know Amazon CloudWatch

Getting Started with AWS Config

AWS Billing and Cost Management

Wrapping Up

Practice Exam I - AWS Certified AI Practitioner

Practice Exam I Solution

Practice Exam II - AWS Certified AI Practitioner

Practice Exam II Solution

Summary and Quiz

Summary