AWS Security Governance at Scale (SGS) – Contenuti

Contenuti dettagliati del Corso

Course Introduction
  • Instructor introduction
  • Learning objectives
  • Course structure and objectives
  • Course logistics and agenda
Module 1: Governance at Scale
  • Governance at scale focal points
  • Business and Technical Challenges
Module 2: Governance Automation
  • Multi-account strategies, guidance, and architecture
  • Environments for agility and governance at scale
  • Governance with AWS Control Tower
  • Use cases for governance at scale
Module 3: Preventive Controls
  • Enterprise environment challenges for developers
  • AWS Service Catalog
  • Resource creation
  • Workflows for provisioning accounts
  • Preventive cost and security governance
  • Self-service with existing IT service management (ITSM) tools
Lab 1: Deploy Resources for AWS Catalog
  • Create a new AWS Service Catalog portfolio and product.
  • Add an IAM role to a launch constraint to limit the actions the product can perform.
  • Grant access for an IAM role to view the catalog items.
  • Deploy an S3 bucket from an AWS Service Catalog product.
Module 4: Detective Controls
  • Operations aspect of governance at scale
  • Resource monitoring
  • Configuration rules for auditing
  • Operational insights
  • Remediation
  • Clean up accounts
Lab 2: Compliance and Security Automation with AWS Config
  • Apply Managed Rules through AWS Config to selected resources
  • Automate remediation based on AWS Config rules
  • Investigate the Amazon Config dashboard and verify resources and rule compliance
Lab 3: Taking Action with AWS Systems Manager
  • Setup Resource Groups for various resources based on common requirements
  • Perform automated actions against targeted Resource Groups
Module 5: Resources
  • Explore additional resources for security governance at scale