Securing Cloud Operations

6 days left! Gain next-level skills with Coursera Plus for $199 (regularly $399). Save now.

Securing Cloud Operations

Instructors: Luca Berton

Included with

Learn more

6 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

6 modules

Gain insight into a topic and learn the fundamentals.

Intermediate level

Recommended experience

1 week to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

Differentiate the security responsibilities of the cloud provider vs. the customer across IaaS, PaaS, and SaaS service models.
Configure identity and network controls—like IAM roles, security groups, and firewalls—across AWS, Azure, and GCP to enforce least-privilege access.
Deploy and operationalize cloud-native security services to detect threats and support incident response.
Map workloads to CIS, ISO 27001, and NIST CSF frameworks and generate simple audit evidence.

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

There are 6 modules in this course

Are You Ready to Secure Your First Cloud Project?

The cloud is where today’s ideas turn into tomorrow’s apps—but an unsecured virtual machine, open storage bucket, or forgotten access key can derail that dream overnight. Securing Cloud Operations is a straightforward, step-by-step course that teaches absolute beginners how to set up, strengthen, and review a small web stack on AWS, Azure, or Google Cloud using only free-tier services and simple checklists. You will learn why service models (IaaS, PaaS, SaaS) matter, how the shared-responsibility model works, and which one-click security features offer instant protection. This course is designed for cloud engineers, DevOps engineers, security analysts, and solution architects who want practical skills for securing real cloud environments. It’s a strong fit for anyone responsible for building, operating, or reviewing cloud infrastructure and who needs a clear, hands-on approach to strengthening cloud workloads. Learners should have a basic grasp of networking and virtualization, along with some experience using at least one major cloud platform such as AWS, Azure, or Google Cloud. You don’t need deep security knowledge—just enough comfort navigating cloud consoles and launching simple resources. By the end of the course, learners will be able to distinguish shared responsibilities across cloud service models, configure identity and network protections, enable and interpret cloud-native security tools, and align their environment with frameworks like CIS Benchmarks, ISO 27001, and NIST CSF while generating simple, audit-ready evidence.

In this course, you’ll learn how to secure a beginner-level cloud environment across AWS, Azure, and Google Cloud using simple, practical steps. You’ll harden virtual machines, control access, lock down networks and storage, and turn on native security tools that help you spot threats early. By the end, you’ll be able to apply key controls, run basic compliance checks, gather audit-ready evidence, and follow a lightweight incident response workflow—all using free-tier services and clear checklists you can reuse on any future cloud project.

What's included

1 video1 reading

This module introduces learners to foundational concepts in cloud computing, including IaaS, PaaS, and SaaS service models, and the core building blocks of compute, storage, and networking. Learners will also grasp the shared responsibility model using relatable analogies, setting the stage for secure operations in any cloud environment.

What's included

10 videos3 readings1 assignment1 peer review2 discussion prompts

10 videos Total 77 minutes

Module Introduction 4 minutes
Identify IaaS, PaaS, and SaaS Services 10 minutes
Compare Cloud Providers and Launch Core Services 6 minutes
Multi-Cloud Zero Trust Architecture 6 minutes
Recognize the Components of a Virtual Machine 8 minutes
Explore Database and Object Storage Options 12 minutes
Visualize Cloud Networking and Firewall Concepts 9 minutes
Explain Shared Responsibility Using Pizza-as-a-Service 8 minutes
Create a Least-Privilege IAM User 10 minutes
Enable Multi-Factor Authentication (MFA) on an Account 6 minutes

3 readings Total 15 minutes

Service-Model Cheat-Sheet 5 minutes
Glossary: Compute-Storage-Network 5 minutes
Step-By-Step IAM Setup 5 minutes

1 assignment Total 20 minutes

Understand Cloud Service Models and Core Infrastructure 20 minutes

1 peer review Total 20 minutes

Hands-On-Learning: Building a Shared Responsibility Matrix in the Cloud 20 minutes

2 discussion prompts Total 20 minutes

Zero Trust & Confidential Computing 10 minutes
Networking & Firewalls (CIDR, Security Groups) 10 minutes

This module guides learners through launching, configuring, and hardening virtual machines using platform-native features such as security groups, patching, logging, and SSH key management. The focus is on building a secure, functional IaaS-based environment on AWS, Azure, or Google Cloud.

What's included

10 videos2 readings1 assignment1 peer review2 discussion prompts

10 videos Total 81 minutes

Module Introduction 3 minutes
Launch a Secure OS Image from a Trusted Source 9 minutes
Enable Automatic Patching and Logging 10 minutes
Configure SSH Key-Based Access and Disable Passwords 10 minutes
Explain Port Rules with Real-World Analogies 8 minutes
Build a Web-Only Security Group 12 minutes
Validate Security Group Rules Using cURL and Analyzer Tools 8 minutes
Enable Encryption at Rest Using Managed Keys 7 minutes
Prevent Public Access to Buckets 6 minutes
Set Up Backup and Snapshot Schedules 7 minutes

2 readings Total 10 minutes

Security-Group Starter Template 5 minutes
Storage Safety Checklist 5 minutes

1 assignment Total 20 minutes

Secure a Virtual Infrastructure Stack 20 minutes

1 peer review Total 20 minutes

Hands-On-Learning: Designing a Secure Cloud Architecture with Compute, Network, and Storage Controls 20 minutes

2 discussion prompts Total 20 minutes

AMI Provenance & Automated Patching 10 minutes
Data Encryption & S3 Access Control 10 minutes

In this module, learners will activate and test native cloud security services like AWS GuardDuty, Azure Defender, and Google Cloud SCC. The lessons cover interpreting alerts, capturing logs, and initiating simple incident response actions, building confidence in real-world security operations.

What's included

10 videos2 readings1 assignment1 peer review2 discussion prompts

10 videos Total 75 minutes

Module Introduction 3 minutes
Activate Guard Duty, Azure Defender, or Google SCC 7 minutes
Interpret Sample Security Findings 8 minutes
Triage Low-Severity and False Positive Alerts 10 minutes
Enable Logging for Cloud API Activity 6 minutes
Search Logs for Risky Events (e.g., Delete/Stop) 7 minutes
Export Logs for Retention and Audit 8 minutes
Revoke Compromised Access Keys Immediately 8 minutes
Capture a Snapshot for Forensic Analysis 10 minutes
Complete a Post-Mortem Using a Simple Template 8 minutes

2 readings Total 10 minutes

Log Query Cheat-Sheet 5 minutes
One-Page IR Checklist 5 minutes

1 assignment Total 20 minutes

Enable Cloud-Native Detection and Response Tools 20 minutes

1 peer review Total 20 minutes

Hands-On-Learning: Responding to a Cloud Security Incident with Detection and Forensics 20 minutes

2 discussion prompts Total 20 minutes

Interpreting and Triage of Security Findings 10 minutes
Incident Response & Forensics 10 minutes

This final module introduces major security and compliance frameworks (CIS, ISO 27001, NIST CSF) and demonstrates how cloud controls can be mapped to meet them. Learners will implement tagging strategies, automate compliance checks, and perform a final audit of their cloud environment.

What's included

10 videos2 readings1 assignment1 peer review2 discussion prompts

10 videos Total 85 minutes

Module Introduction 4 minutes
Compare Popular Security Frameworks 11 minutes
Apply the CIS Ubuntu Benchmark to a VM 10 minutes
Use a Matrix to Map Controls Across Frameworks 8 minutes
Tag Cloud Resources for Ownership and Cost Tracking 6 minutes
Generate Cost and Compliance Reports 9 minutes
Enforce “No Public Buckets” with a Config Rule 8 minutes
Review the 10 Must-Do Security Controls 9 minutes
Complete a Capstone Self-Audit Using a Checklist 11 minutes
Explore Certification and Learning Paths 9 minutes

2 readings Total 10 minutes

CIS “Essential Eight” Summary 5 minutes
Starter Tag Kit (CSV) 5 minutes

1 assignment Total 20 minutes

Align Cloud Controls with Compliance Frameworks 20 minutes

1 peer review Total 20 minutes

Hands-On-Learning: Building a Compliance & Cost Dashboard for Cloud Governance 20 minutes

2 discussion prompts Total 20 minutes

Control Mapping Across Frameworks 10 minutes
Tags, Config, and the 10-Control Checklist 10 minutes

In this wrap-up module, you’ll pull together everything you’ve learned about securing cloud environments across AWS, Azure, and Google Cloud. You’ll complete a hands-on multi-cloud project where you design, harden, and audit a small web stack using the ten essential security controls. By producing real evidence artifacts—such as screenshots, tag reports, and config-rule results—you’ll finish the course with practical, audit-ready skills you can apply to real cloud operations.

What's included

1 video1 peer review

Instructors

Luca Berton

10 Courses 13,380 learners

Starweaver

529 Courses 959,544 learners

Offered by

Starweaver

Why people choose Coursera for their career

Felipe M.

Learner since 2018

"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."

Jennifer J.

Learner since 2020

"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."

Larry W.

Learner since 2021

"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."

Chaitanya A.

"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

Open new doors with Coursera Plus

Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Learn more

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Explore degrees

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Learn more

Frequently asked questions

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.