AWS Security Study Plan that would work for you!
I am making the study plan irrespective of the job role under the AWS Security category. It can be an AWS Security Analyst, AWS Security Researcher, AWS Security Engineer, Cloud Security Operations Expert, or Cloud Security Manager.
So, check how much you can cover and tick off the checkboxes. The more you tick off, the better a candidate you are for the job role. Also, I assume you have already checked and are comfortable with the Common Security Skills study plan.
AWS Security Skills Learning and Checklist
My only suggestion here is to ask the four questions below while learning each topic or concept.
- What is this? (For example: What is a security group)
- Why am I learning this?
- How can I implement this?
- How will it be made secure, or how will it provide security, depending on the topic or concept?
AWS Fundamentals
I am listing only the topic names. How much you learn and how comfortable you become with each concept or topic is up to you. I will share the minimal links to bring you up to the mark, and you are free to learn more than this for better candidacy and experience.
IAM
One of the most important and must-have skills for you. Try to understand IAM functionalities as much as possible.
- Understand IAM policy in 60 minutes: YouTube
- Understand IAM permissions
- Business Use Cases for IAM
- Security in IAM and STS
- IAM Access Analyzer
- Users, Groups, and Roles: when to use which, and don’t forget to ask why this, why not that
- Custom policy vs AWS Managed Policy
- Cross-account IAM policy for different roles, services, and accounts
- Understand the IAM policy from a security mindset. Why this, why not this?
- Service Control Policy
- Security Best Practices in IAM
For any AWS Service(s), please follow this strategy:
- What does this service do?
- What problem would it solve for the business?
- Security Best Practices guide for AWS service. Ex: S3 security best practices, VPC security best practices.
- What permissions you should provide for each role to maintain the least privilege principle?
- How is it being used? Can there be a security misconfiguration if it is not configured properly? If so, what are the security guidelines to configure it?
- Is multi-tier, multi-region required for this service?
- How can protection of data at rest and data in transit be achieved?
- Is logging required? If so, what data are you going to log, how, and for what period?
- Are we monitoring it? What is the reason for yes or no?
- Are there any specific security settings for that service, like a bucket policy for an S3 bucket?
AWS Native Security core skills
What I mean to say here is:
- AWS core services related security skills
- AWS Security services hands-on knowledge
What are these? These are the core services:
- IAM, which is super important
- EC2
- S3
- VPC, I feel it is the toughest one so far
- RDS
- API Gateway
- Lambda
- ECS and EKS
Below are the AWS core security services that you should know and try hands-on as much as possible:
- IAM Access Analyzer
- S3 Bucket Policy
- Security Group and NACL
- CloudTrail
- Config
- GuardDuty
- Inspector
- Macie
- Security Hub
- WAF and Shield (optional, but if your job needs it, learn it)
- AWS KMS
- Secrets Manager
- Cognito
AWS Security Whitepapers
AWS has an awesome list of whitepapers related to AWS security. We are adding a few important ones here. You can check for updated or new security whitepapers at any time here
And don’t forget to bookmark the AWS Security bulletin for news on new vulnerabilities from here
- AWS Overview — One of the important whitepapers to understand an overview of AWS
- Introduction to AWS Security Whitepaper
- AWS Well-Architected Security Pillar
- Introduction to Security By Design
- AWS Well Architected Framework
- AWS Risk And Compliance Whitepaper
- AWS Security Checklist
- AWS HIPAA Compliance Whitepaper
- AWS Cloud Adoption Framework
- AWS Auditing Security Checklist
- AWS CIS Foundation benchmark
- AWS Security Incident Response
- Overview of AWS Lambda Security
- AWS KMS Best Practices
- Encrypting File Data with Amazon Elastic File System
- Security of AWS CloudHSM backups
- Security overview of AWS Lambda
- NIST Cybersecurity Framework in the AWS cloud
- NIST 800-144 Security and Privacy in Public Cloud Computing
- Security at the Edge: Core Principles
- Security Overview of AWS Fargate
Check your AWS Pentesting Skills
- Have you used Pacu? If not, start using it
- Try the AWS CTF from flaws.cloud. A solution is available on YouTube as well
- The next level is at flaws2.cloud
- Try Well Architected Framework: Security Labs
- AWS Security Workshops
- Check other good tools like Prowler and ScoutSuite as well.
Check your Knowledge against common security benchmarks and frameworks.
- AWS CIS Benchmark
- CSA Cloud Matrix and STAR Framework
- NIST CSF for AWS
- ISO 27017
AWS Security Videos and Courses
Check the Awesome AWS Security repo for more details on books, videos, courses, etc.
If you liked the study plan, you may join the AWS Security group here: https://www.linkedin.com/groups/10543468/
I keep an updated AWS security plan on GitHub as well.
Please share your thoughts on this extensive study plan. Do you think we should add/edit anything more here?
Stay connected!