Task Statement 1.2: Design Secure Workloads and Applications
In this study group, we will secure workloads and applications on AWS by learning best practices for application security, network segmentation, credential protection, and external threat mitigation.
This guide follows SecureCart, an e-commerce company, as they implement a secure AWS architecture while protecting their infrastructure from external and internal threats.
📅 Study Group Agenda
Week
Topic
Key AWS Services
Week 1
Application Configuration & Credential Security
AWS Secrets Manager, AWS Systems Manager Parameter Store
Week 2
Securing Network Traffic & AWS Service Endpoints
VPC Endpoints, Security Groups, Network ACLs, Route Tables
Week 3
Network Segmentation Strategies & Traffic Control
Public/Private Subnets, NAT Gateway, VPC Peering
Week 4
Protecting Applications from External Threats
AWS WAF, AWS Shield, Amazon GuardDuty
Week 5
Securing External Network Connections
AWS Direct Connect, VPN, Transit Gateway
Week 6
Hands-on Labs & Final Challenge
Implementing End-to-End Secure Workloads
🎯 Final Study Group Summary
Week
Focus Area
Outcome
Week 1
Secure Application Credentials
Use AWS Secrets Manager & IAM Policies
Week 2
Secure AWS Service Communication
Implement VPC Endpoints & Secure Networking
Week 3
Network Segmentation & Security
Configure Private/Public Subnets & NAT Gateway
Week 4
Protecting Against Cyber Threats
Use AWS WAF, Shield, GuardDuty, & Macie
Week 5
Secure External Connectivity
Implement AWS VPN, Direct Connect, Transit Gateway
Week 6
Hands-on Scenarios
Apply all security best practices to real-world cases
Last updated