airman604/aws-security-workshop

AWS Security 101 Workshop

Welcome to the AWS Security 101 workshop.

Pre-requisites

You will use your own AWS account to provision the lab environment. We provide the provisioning and de-provisioning scripts to make the process easier, and to ensure all the resources are deleted once you complete the workship to minimize any costs. PLEASE NOTE, YOU ARE RESPONSIBLE FOR ANY AWS CHARGES RELATED TO YOUR USE OF THE GUIDES AND SCRIPTS IN THIS REPOSITORY. Having said that, such charges should be minimal.

Deployment

To participate in the labs, you need to deploy the lab environment to your AWS account before the workshop!

1. Create an AWS account, if you don't have one:
   • Go to https://aws.amazon.com/, click Create an AWS Account and follow the instructions.
   • You will need a credit card.
2. Login into your AWS account, then in the top right corner switch to us-west-2 region (US West (Oregon)) and open Cloud Shell.
3. Clone this repository and run deploy.sh:

git clone https://github.com/airman604/aws-security-workshop.git
cd aws-security-workshop
./deploy.sh

Deployment takes around 5 minutes. Once the deployment is complete take a note of the displayed frontend URL.

Cleanup

1. Run ./destroy.sh in the Cloud Shell (from the cloned repository folder).
2. Delete any resources that you created manually during the labs:
   • delete WAF configuration
   • delete S3 bucket that was created for ALB logs
   • disable GuardDuty
   • delete the CloudTrail trail

Useful Resources

• YouTube
  • Channels
    • Amazon Web Services
    • AWS Online Tech Talks
    • AWS Events
  • AWS re:Invent and re:Inforce
    • AWS re:Invent
    • AWS re:Inforce
• Getting Started
  • AWS Getting Started
  • AWS re:Inforce 2019: The Fundamentals of AWS Cloud Security
  • AWS Security Fundamentals
  • I published an Internet app, wait—how do I protect it?
  • The Beginner's Guide to Secure Configurations in AWS
  • CIS Benchmark
• GuardDuty
  • Amazon GuardDuty Docs
  • Getting Hands on with Amazon GuardDuty
  • Amazon GuardDuty - Let's Attack My Account
  • AWS re:Inforce 2019: Threat Detection on AWS: An Introduction to Amazon GuardDuty
  • Deep Dive on Amazon GuardDuty
  • Threat Response Scenarios Using Amazon GuardDuty
• IAM
  • AWS re:Invent 2018: [REPEAT 1] Become an IAM Policy Master in 60 Minutes or Less
  • Deep Dive with Security: AWS Identity and Access Management (IAM)
  • Interactive demo of Capital One breach (showcases abuse of EC2 instance profiles)
• VPC
  • Amazon VPC Docs
  • Introduction to Amazon Virtual Private Cloud (VPC)
• AWS Blogs
• AWS Workshops
• AWS Security Workshops
• AWS Skill Builder
• AWS Well-Architected Framework
• Subscriptions and pay services
  • A Cloud Guru
  • Pluralsight
  • LinkedIn Learning
  • O'Reilly Learning Platform