AWS Security Essentials Workshop
Are you using or moving to AWS? Have you considered how you organize and secure your AWS environments? The growing push to cloud providers has allowed us to move faster and tackle problems more efficiently. The same freedoms that have allowed us to move faster have also created scenarios where security issues are exposed by accident and/or without proper management and review. As companies move toward more and more cloud usage, teams are pushed harder to ensure the same compliance and security requirements that exist in slower moving private environments. This has the potential to put us right back where we came from.
Join Aaron in this in-depth workshop and work through the most critical security decisions you can make for your AWS environments. Identify issues and solutions in an automation friendly fashion that aim to fit seamlessly into the development and deployment lifecycle.
This workshop will cover the following topics:
- Account provisioning and IAM
- Credential management
- VPC setup and network design
- Encryption and key management
- Auditing AWS configurations to find security holes
- Creating a robust CI pipeline that ensures no obvious security holes are present within your environments
In addition to these topics, a heavy emphasis on both platform and server automation will be included. This session will primarily focus on free to run AWS services but the possibility of incurring small fees is possible.
Software engineers, cloud engineers, security analysts, architects and anyone interested in security on AWS.
Prerequisites for Attendees
- Docker and Docker Compose, an AWS account with full administrative permissions.
- An internet connection.