Join the AWS Security Cookbook Internship Program

announcements Jun 18, 2024

Welcome to the AWS Security Cookbook Internship Program! This is a unique opportunity to deepen your understanding of AWS security concepts by practicing the recipes in the award-winning book AWS Security Cookbook, recognized as the 8th best cloud computing book of all time. The AWS Security Cookbook (First Edition) is available on major platforms such as Amazon, O'Reilly, and Packt. You can view the book on Amazon Canada here.

As part of this internship, you will:

  • Learn and practice AWS security concepts through hands-on experience.
  • Ask questions and get guidance from the author, Heartin Kanikathottu.
  • Participate in research and development related to the topics in the book.
  • Get your name printed in the next edition of the book if you participate with commitment till the end.

Why You Should Join This Program

  • Hands-On Learning: Gain practical experience by working on real-world AWS security scenarios.
  • Direct Access to the Author: Benefit from the expertise and guidance of Heartin Kanikathottu, an acclaimed author and AWS security expert.
  • Flexible Commitment: Choose your daily commitment between 2 to 7.5 hours to fit your schedule.
  • Global Recognition: Stand a chance to have your name featured in the next edition of a globally recognized book.
  • Career Advancement: Enhance your resume with hands-on AWS security experience, making you more competitive in the job market.
  • Networking Opportunities: Connect with other like-minded professionals and expand your professional network.
  • Affordable Entry: Access high-quality learning at a nominal registration fee of $139 CAD (approx. 101 USD).
  • Certification: Receive an internship certificate from Coding Architect, a registered Information Technology business if you are in Canada. For participants outside Canada, the certificate will be provided by Trainso Training Solutions, an IT company registered in India.
  • Learn More: Access to all live classes at CodingArchitect.com.

Topics Covered

Setting up AWS Account and Organization

  • Setting up IAM, Account Alias, and Billing Alerts
  • Multi-Account Management with AWS Organizations
  • User Management and SSO with IAM Identity Center

Access Management with IAM Policies and Roles

  • Creating a Customer Managed IAM Policy
  • Using Policy Variables within IAM Policies
  • Creating Customer Managed Policies in IAM Identity Center
  • Setting IAM Permission Boundaries for IAM Entities
  • Centralizing Governance in AWS Organizations with SCPs
  • IAM Cross-Account Role Switching and Identity Account Architecture
  • Cross-Service Access via IAM Roles on EC2 Instances

Key Management with KMS and CloudHSM

  • Creating Keys in KMS
  • Creating Keys with External Key Material (BYOK)
  • Rotating Keys in KMS
  • Granting Permissions Programmatically with Grants
  • Using Key Policies with Conditional Keys
  • Sharing Customer-Managed Keys Across Accounts
  • Creating, Initializing and Activating a CloudHSM Cluster

Securing Data on S3 with Policies and Techniques

  • Creating an S3 Bucket Policy
  • Working with S3 Access Control Lists (ACLs)
  • Creating S3 Presigned URLs
  • Protecting Files with S3 Versioning and Object Locking
  • Encrypting Data on S3

Network Security with VPC

  • Setting up VPC Plus VPC Resources with Minimal Efforts
  • Creating a Bare VPC and Setting up Public and Private Subnets
  • Launching an EC2 Instance with Web Server Using User Data
  • Creating and Configuring Security Groups
  • Working with NACLs
  • Using a VPC Gateway Endpoint to Connect to S3
  • Configuring and Using VPC Flow Logs
  • Setting up and Configuring NAT Gateways

Web Security using Certificates, CDNs, and Firewalls

  • Enabling HTTPS for a Web Server on an EC2 Instance
  • Creating an SSL/TLS certificate with ACM
  • Creating ELB Target Groups
  • Using an application load balancer with TLS termination at the ELB
  • Using a network load balancer with TLS termination at EC2
  • Securing S3 using CloudFront and TLS
  • Using Web Application Firewall (WAF)

Monitoring with CloudWatch, CloudTrail, and Config

  • Creating an SNS topic to send emails
  • Working with CloudWatch alarms and metrics
  • Creating a CloudWatch log group
  • Working with CloudWatch events
  • Reading and filtering logs in CloudTrail
  • Creating a trail in CloudTrail
  • Using Athena to query CloudTrail logs in S3
  • Integrating CloudWatch with CloudTrail using CloudFormation template
  • Setting up and using AWS Config

Compliance with GuardDuty, Macie, and Inspector

  • Setting up and using Amazon GuardDuty
  • Aggregating findings from multiple accounts in GuardDuty
  • Setting up and using Amazon Macie
  • Setting up and using Amazon Inspector
  • Creating a custom Inspector template
  • Setting up and using AWS Security Hub

Serverless Identity Management – Cognito and Beyond

  • Working with Amazon Cognito User Pools
  • Using Identity Pools to Access AWS Resources
  • Using Microsoft Entra ID as the Identity Provider

Additional Services and Practices for AWS Security

  • Setting up and using AWS Resource Access Manager
  • Storing Sensitive Data with the Systems Manager Parameter Store
  • Using AWS Secrets Manager to manage RDS credentials
  • Creating an AMI instead of using EC2 user data
  • Using security products from AWS Marketplace
  • Using AWS Trusted Advisor for recommendations
  • Using AWS Artifact for compliance reports
  • Working with AWS CloudFormation

Commitment and Registration

  • Minimum commitment: 2 hours per day
  • Recommended commitment: Full 7.5 hours per day
  • Duration: 2 months if done full-time (7.5 hours per day)
  • Flexible commitment: Choose your commitment level between 2 to 7.5 hours daily.
  • Registration fee: A nominal fee of $139 CAD (approx. 101 USD) to manage program expenses, including virtual office and recordings, and to ensure commitment from your side.
  • Re-enrollment: If you do not meet your commitment for a week, you must re-enroll by paying the registration fee again.

How to Apply

Send your resume along with commitment hours to [email protected].

You can pay your fee here. For more payment options, please contact me at [email protected].

About the first edition

The first edition of the AWS Security Cookbook was recognized as the 8th best cloud computing book of all time. The AWS Security Cookbook (First Edition) is available on major platforms such as Amazon, O'Reilly, and Packt. You can view the book on Amazon Canada here.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Cras sed sapien quam. Sed dapibus est id enim facilisis, at posuere turpis adipiscing. Quisque sit amet dui dui.

Call To Action

Stay connected with news and updates!

Join our mailing list to receive the latest news and updates from our team.
Don't worry, your information will not be shared.

We hate SPAM. We will never sell your information, for any reason.