AWS Security Governance at Scale
Provided by QA
Overview
The AWS Security Governance at Scale course will help solutions architects, DevOps engineers, and security engineers. You;ll learn how to automate your cloud governance so that you can retire manual processes through AWS security and governance services and concepts. In this 1-day, classroom training course, an expert AWS instructor will dive deep into concepts that help you provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems. You;ll apply key services, concepts, and best practices through tutorials, hands-on labs, discussions, demonstrations, presentations, and group exercises.
What you'll learn
Knowledge and experience with AWS services, such as AWS Control Tower, AWS Service Catalog, AWS Config, and AWS Systems Manager
We recommend that attendees of this course have taken AWS Security Fundamentals and AWS Security Essentials
+
Prerequisites
Before attending this course, participants should have completed the following:
Required:
Delegates will learn how to
In this course, you will learn to:
Outline
Course Introduction
The AWS Security Governance at Scale course will help solutions architects, DevOps engineers, and security engineers. You;ll learn how to automate your cloud governance so that you can retire manual processes through AWS security and governance services and concepts. In this 1-day, classroom training course, an expert AWS instructor will dive deep into concepts that help you provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems. You;ll apply key services, concepts, and best practices through tutorials, hands-on labs, discussions, demonstrations, presentations, and group exercises.
What you'll learn
- Establish a landing zone with AWS Control Tower
- Configure AWS Organizations to create a multi-account environment
- Implement identity management using AWS Single Sign-On (SSO) users and groups
- Federate access using AWS SSO
- And much more
- Solutions architects
- Security DevOps engineers
- Security engineers
Knowledge and experience with AWS services, such as AWS Control Tower, AWS Service Catalog, AWS Config, and AWS Systems Manager
We recommend that attendees of this course have taken AWS Security Fundamentals and AWS Security Essentials
+
Prerequisites
Before attending this course, participants should have completed the following:
Required:
- AWS Security Fundamentals course
- AWS Security Essentials course
- AWS Cloud Management Assessment
- Introduction to AWS Control Tower course
- Automated Landing Zone course
- Introduction to AWS Service Catalog course
Delegates will learn how to
In this course, you will learn to:
- Establish a landing zone with AWS Control Tower
- Configure AWS Organizations to create a multi-account environment
- Implement identity management using AWS Single Sign-On users and groups
- Federate access using AWS SSO
- Enforce policies using prepackaged guardrails
- Centralize logging using AWS CloudTrail and AWS Config
- Enable cross-account security audits using AWS Identity and Access Management (IAM)
- Define workflows for provisioning accounts using AWS Service Catalog and AWS Security Hub
Outline
Course Introduction
- Instructor introduction
- Learning objectives
- Course structure and objectives
- Course logistics and agenda
- Governance at scale focal points
- Business and Technical Challenges
- Multi-account strategies, guidance, and architecture
- Environments for agility and governance at scale
- Governance with AWS Control Tower
- Use cases for governance at scale
- Enterprise environment challenges for developers
- AWS Service Catalog
- Resource creation
- Workflows for provisioning accounts
- Preventive cost and security governance
- Self-service with existing IT service management (ITSM) tools
- Create a new AWS Service Catalog portfolio and product.
- Add an IAM role to a launch constraint to limit the actions the product can perform.
- Grant access for an IAM role to view the catalog items.
- Deploy an S3 bucket from an AWS Service Catalog product.
- Operations aspect of governance at scale
- Resource monitoring
- Configuration rules for auditing
- Operational insights
- Remediation
- Clean up accounts
- Apply Managed Rules through AWS Config to selected resources
- Automate remediation based on AWS Config rules
- Investigate the Amazon Config dashboard and verify resources and rule compliance
- Setup Resource Groups for various resources based on common requirements
- Perform automated actions against targeted Resource Groups
- Explore additional resources for security governance at scale
Enquire
Start date | Location / delivery | |
---|---|---|
No fixed date | United Kingdom | Book now |
01132207150
01132207150