Task Statement 1.2: Design Secure Workloads and Applications

In this study group, we will secure workloads and applications on AWS by learning best practices for application security, network segmentation, credential protection, and external threat mitigation.

This guide follows SecureCart, an e-commerce company, as they implement a secure AWS architecture while protecting their infrastructure from external and internal threats.

📅 Study Group Agenda

Week

Topic

Key AWS Services

Week 1

Application Configuration & Credential Security

AWS Secrets Manager, AWS Systems Manager Parameter Store

Week 2

Securing Network Traffic & AWS Service Endpoints

VPC Endpoints, Security Groups, Network ACLs, Route Tables

Week 3

Network Segmentation Strategies & Traffic Control

Public/Private Subnets, NAT Gateway, VPC Peering

Week 4

Protecting Applications from External Threats

AWS WAF, AWS Shield, Amazon GuardDuty

Week 5

Securing External Network Connections

AWS Direct Connect, VPN, Transit Gateway

Week 6

Hands-on Labs & Final Challenge

Implementing End-to-End Secure Workloads

🎯 Final Study Group Summary

Week

Focus Area

Outcome

Week 1

Secure Application Credentials

Use AWS Secrets Manager & IAM Policies

Week 2

Secure AWS Service Communication

Implement VPC Endpoints & Secure Networking

Week 3

Network Segmentation & Security

Configure Private/Public Subnets & NAT Gateway

Week 4

Protecting Against Cyber Threats

Use AWS WAF, Shield, GuardDuty, & Macie

Week 5

Secure External Connectivity

Implement AWS VPN, Direct Connect, Transit Gateway

Week 6

Hands-on Scenarios

Apply all security best practices to real-world cases

PreviousUsing IAM Policies and Tags for Access Control in AWS NextSecureCart Journey

Last updated 1 month ago