Architecture diagrams in AWS Quest: Security
As I recently completed all 24 practice labs and DIY assignments from AWS Cloud Quest: Security, I wanted to save all architecture diagrams from the quest so I could refer to them along my cloud security journey.
INTRODUCTION:
As said on Amazon Web Services Training and Certification Credly page for this badge: "Earners of this badge have demonstrated efficient use of AWS security services to build solutions. Badge earners have acquired hands-on experience deploying solutions that respond to incidents, remediate quickly, detect vulnerabilities and prevent data loss".
There is available 7-day free trial for Skill Builder, making it ~4 Security Quest labs a day to finish everything during this trial period. Otherwise, monthly subscription was in my case $34.76 taxes included.
Related to obtaining this badge, Credly provides insights such as top job titles and top skills:
ARCHITECTURE DIAGRAMS:
01 Cloud Computing Essentials
Key services: Amazon S3
02 Cloud First Steps
Key services: Amazon EC2
03 Computing Solutions
Key services: Amazon EC2
04 Networking Concepts
Key services: Amazon EC2, Amazon VPC
05 Serverless Foundations
Key services: AWS Lambda
06 Connecting VPCs
Key services: Amazon VPC, Amazon EC2
07 Core Security Concepts
Key services: AWS Identity and Access Management (IAM), Amazon Relational Database Service (RDS), Amazon EC2
08 Identity and Access Management
Key services: Amazon EC2, AWS Identity and Access Management (IAM), Amazon S3
09 Security Policies
Key services: Amazon S3, Amazon EC2, AWS Identity and Access Management (IAM)
10 Lambda Security
Key services: AWS Lambda, Amazon VPC, AWS Secrets Manager
11 Compliance Enforcement
Key services: AWS Systems Manager, AWS Config
12 Securing APIs
Key services: Amazon Cognito, Amazon API Gateway, AWS Lambda, AWS Identity and Access Management
13 S3 Security
Key services: Amazon S3
14 Playing with Encryption
Key services: AWS Key Management Service (KMS), Amazon EC2
15 Incident Response
Key services: Amazon SNS, Amazon CloudWatch, AWS Systems Manager, AWS Lambda
16 Infrastructure as Code
Key services: Amazon EventBridge, Amazon CloudWatch, AWS Lambda, AWS CloudFormation
17 Securing Your Servers
Key services: Amazon EC2, Amazon DynamoDB, AWS Lambda, AWS Identity and Access Management (IAM), Amazon S3
18 Serverless Authentication
Key services: AWS Serverless Application Model (SAM), Amazon Cognito, Amazon DynamoDB, AWS Amplify, AWS Lambda
19 Secrets Management
Key services: AWS Secrets Manager, AWS Lambda, Amazon Relational Database Service (RDS)
20 Protecting Data at Rest
Key services: AWS Key Management Service (KMS), Amazon EC2
21 Application Logs
Key services: AWS Glue, Amazon Athena, Amazon Kinesis
22 Secure Self-Service Infrastructure
Key services: AWS Service Catalog, AWS CloudFormation
23 Securing a Three-Tiered Architecture
Key services: Amazon VPC, Amazon EC2 Auto Scaling, Amazon EC2, Amazon Relational Database Service (RDS)
24 Edge Protection
Key services: Amazon CloudFront, AWS WAF