Deep Dive into AWS IoT Authentication and Authorization

Khurram Azhar

 

Course description

Security is a central concern for all of Amazon Web Services (AWS). Security is extremely important in the field of IoT (Internet of Things) because IoT devices are physically accessible. Authentication and authorization are the foundations of a secure IoT infrastructure.This course explores the concepts of IoT authentication and authorization within AWS IoT. You will learn about the IoT control plane and data plane and how to authenticate and authorize to both. This course is intended for students who would like to securely connect devices, mobile apps, desktop apps, web apps, or the CLI to AWS IoT. You will learn about using different authentication methods and their appropriate authorization policies.

This is an interactive course that includes hands-on exercises using AWS. This course is designed so that you can take the full course from start to finish or select individual topics that suit your interests.

Course objectives

In this course, you will learn:

What authentication and authorization are

The difference between the control plane and data plane in AWS IoT

Different methods of connecting to AWS IoT Core

How to use policies to grant proper permissions

How to use the different authentication methods

X.509 certificates

Custom authorizers

AWS Identity and Access Management (IAM), federated identities, and Amazon Cognito Federated Identities

Intended audience

This course is intended for:

Fleet managers

Security architects

Device engineers

Line-of-business application developers

Prerequisites

We recommend that attendees of this course have the following prerequisites:

IoT Foundation: Telemetry

AWS IoT Security Primer

Course outline

Module 1:

Introduction

Welcome

Demos in this course

Introduction to authentication and authorization

Introduction to policies

Determining permissions

Writing a policy

Least privilege

Closing

Module 2:

Control Plane and Data Plane

Control plane vs. data plane

Control plane

Authenticating

Authorizing

Common IAM policies for IoT

Data plane

Authenticating

Authorizing: Choosing the appropriate policy type

Authorizing: IoT policy action/resource/variable

Authentication and authorization requirements

Demo

Closing

Module 3:

X.509 Certificates

Introduction

Authenticating

Authenticating

Mutual authentication

Creating and registering certificates

Authorizing

Policy variables with certificate attributes

Direct calls to AWS services

Deactivating and revoking certificates

Demo

Closing

Module 4:

Custom Authorizers

Introduction

Authenticating and authorizing

Components of a custom authorizer

Demo

Closing

Module 5:

IAM, Federated Identities, and Cognito Identities

Authenticating with AWS Identity and Access Management

Federated identities

IAM federated identities

Introduction

Authenticating and authorizing

Recommended: Amazon Cognito identities

Introduction

Authenticating

Authorizing: Choosing the appropriate policy type

Authenticating and authorizing

Demo

Closing

Comments

Post a Comment

Welcome to my page

Popular posts from this blog

Amazon Training & Certification Course By (Khurram Azhar)

Khurram Azhar
Amazon Training & Certification Course   IOT Learning Plan About this learning plan This Learning Plan is designed to help Architects, Developers, Data Analysts, Data Engineers, & Operations Engineers who need solutions to connect devices and collect, store, and analyze device data. The digital training included in this Learning Plan will interpretation you to a broad experience diagonally IOT Core and its associated services. Introduction to AWS  IOT This course is an introduction to AWS IOT, or Internet of Things. In this course, you will learn how the AWS IOT communication architecture works, and the components that make up AWS IOT. We will discuss how AWS IOT works with other AWS services. A case study of AWS IOT will also be provided. IOT Foundation: Telemetry Billions of small, physical devices, such as sensors and actuators, are currently deployed in homes, factories, hospitals, and in other business use cases. This proliferation of devices requires solutions t...
http://www.youtube.com/c/KhurramAzhar

Introduction to Fleet Management

Khurram Azhar
  Introduction to Fleet Management This is the third course in the AWS Internet of Things (IoT) Foundation series. This course builds on concepts introduced in previous lessons that covered onboarding single devices, establishing communication, and collecting and visualizing data. This course focuses on how to manage a fleet of devices and prepare for fleet management, provision fleets in advance and on-demand, and gather information about the devices. Additionally, the course emphasizes running commands from the command line interface (AWS CLI). Note: For learners who are new to AWS Internet of Things, we recommend the complete  IoT Foundation Series , which contains this course, pre-requisite and other foundational knowledge about AWS Internet of Things.   Intended Audience This course is intended for: Device engineers Fleet managers   Course Objectives In this course, you will learn how to: Describe the main features and benefits of AWS IoT D...
http://www.youtube.com/c/KhurramAzhar

IoT Foundation Predictive Maintenance

Khurram Azhar
  IoT Foundation Predictive Maintenance This is the fourth course in the AWS Internet of Things (IoT) Foundation series. In this course, you will build on the concepts introduced in previous lessons, which covered onboarding single devices, establishing communication with them, collecting and visualizing data received, and managing a fleet of devices. This course focuses on using AWS services to predict failure of IoT devices in an industrial setting. You will also learn how to use AWS services such as AWS IoT Analytics, AWS IoT Rules Engine, and AWS QuickSight to collect, visualize, and analyze data in order to take automated action based on data collected from your IoT devices. Note: For learners who are new to AWS Internet of Things, we recommend the complete IoT Foundation Series, which contains this course and other foundational knowledge about AWS Internet of Things.   Intended Audience This course is intended for: Data Engineers Operations Analysts Devi...
http://www.youtube.com/c/KhurramAzhar

IoT Device Defence Primer

Khurram Azhar
  Course Description Because many Internet of Things (IoT) devices are resource constrained, IoT devices become common targets for unauthorized users and events. In this course, you learn how to use AWS IoT Device Defender to monitor your fleet’s behavior and know when its devices are noncompliant. You create a notification topic so that you are alerted when a noncompliant behavior occurs and deploy agents to help return your devices to a compliant state. Finally, you explore troubleshooting strategies so that you can ensure that AWS IoT Device Defender operates as designed. Course objectives This course is designed to teach you how to: Describe the main purpose and functionality of AWS IoT Device Defender Use AWS IoT Device Defender to perform audit account settings and policies Apply troubleshooting strategies to help fix issues within AWS IoT Device Defender audit Use AWS IoT Device Defender to resolve issues raised through audit check results Use AWS IoT Devic...
http://www.youtube.com/c/KhurramAzhar