AWS EC2 and Network Security Basics

Amazon Elastic Compute Cloud (EC2) is a cloud computing service provided by AWS. EC2 makes it possible to deploy applications at scale, launching instances of servers as and when they need. As you might expect, this creates the need to secure networks and server-instances across the service. This course is a deep dive into security for EC2, exploring both the offensive and defensive approaches, and practical applications of network security in AWS.

This Amazon EC2 and Network Security course begins with a comprehensive look at network security features in AWS, and Amazon Virtual Private Cloud (VPC). The course then shifts focus to EC2 security, where we explore STS metadata, AWS Systems Manager, and AWS Inspector. Moving into offensive security, we’ll use a host of hands-on labs to gain practical experience in attacking EC2 deployments using Server-Side Request Forgery, compromising S3, and more. 

As a counterpoint, the next lesson looks at defensive security, where you’ll learn how to fortify apps in EC2 against external threats. Our last two lessons also focus heavily on learning practical techniques configuring AWS Inspector and applying the various network security measures we’ve previously learned about.

This course is completely focused on providing you with a robust, hands-on look at network security for cloud-native apps in EC2 and various AWS services. All our material is designed to deliver real-world problem-solving experience. When you finish this course, you’ll be able to directly apply what you’ve learned to secure cloud-native apps and networks that rely on AWS.

AWS EC2 and Network Security Basics
Proficiency Intermediate
Audience Cloud Security
Course Duration​ 4
Lessons​ 47
Cloud Labs​ 4



Cloud Security Expert

Course duration




Cloud Labs


    • Network Security Intro and Features
    • Regions and Availability Zones
    • Introduction to VPC
    • VPC Networking Capability
    • VPC Security Controls – Intro
    • VPC Flow logs – Intro
    • EC2 – Intro and Features
    • Your Security Responsibility – EC2
    • STS Metadata and Metadata token compromise
    • EC2 Security Practices Intro
    • IMDSv1 vs IMDSv2
    • AWS Systems Manager – Intro
    • AWS Inspector
    • Server-Side Request Forgery Explanation
    • WeasyPrint SSRF Explanation
    • EC2 Attack
    • Attacking SSRF
    • Compromising S3
    • Deleting the Attack stack
    • Enabling IMDSv2
    • EC2 – Defense Explanation
    • SSM Configuration
    • Unsuccessful SSRF Attack
    • Project Teardown
    • Inspector Lab Explanation
    • Configuring AWS Inspector
    • Inspector Run
    • Inspector Lab Teardown
    • VPC Flow Logs – Case Study
    • VPC Flow Logs – Code and Explanation
    • Deploying VPC Flow Logs – Case study
    • Compromising Redis
    • Querying Athena for VPC flow logs
    • Deleting the Stack
  • Attacking Amazon EC2
  • Defending Amazon EC2
  • Understanding AWS Inspector
  • Implementing VPC Flow Logs
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking "Accept" you consent to the use of All the cookies