AWS Well-Architected Security Labs
This repository contains documentation and code in the format of hands-on labs to help you learn, measure, and build using architectural best practices. The labs are categorized into levels, where 100 is introductory, 200/300 is intermediate and 400 is advanced.
For more information about security on AWS visit AWS Security and read the AWS Well-Architected Security whitepaper or online https://wa.aws.amazon.com/. Also check out https://awssecworkshops.com/ for hands-on workshops, AWS Training and Certification Learning Library for official security training options.
- Level 100: AWS Account and Root User
- Level 100: Basic Identity and Access Management User, Group, Role
- Level 100: CloudFront with S3 Bucket Origin
- Level 100: Enable Security Hub
- Level 200: Automated Deployment of Detective Controls
- Level 200: Automated Deployment of EC2 Web Application
- Level 200: Automated Deployment of IAM Groups and Roles
- Level 200: Automated Deployment of VPC
- Level 200: Automated Deployment of Web Application Firewall
- Level 200: Automated IAM User Cleanup
- Level 200: Basic EC2 with WAF Protection
- Level 200: Certificate Manager Request Public Certificate
- Level 200: CloudFront with WAF Protection
- Level 300: IAM Permission Boundaries Delegating Role Creation
- Level 300: IAM Tag Based Access Control for EC2
- Level 300: Incident Response with AWS Console and CLI
- Level 300: Lambda Cross Account IAM Role Assumption
Quests are designed to collate a group of relevant labs and other resources together into a common theme for you to follow and learn.
- Level 100: Introduction to Security Introduction to AWS security basics, used as the workshop in AWS loft events.
- Level 100: Quick Steps to Security Success In just one day (or an hour a day for a week!) implement some foundational security controls to immediately improve your security posture.
- Level 200: Incident Response Day This quest is the guide for incident response workshop often ran at AWS led events.
- Level 300: Security Best Practices Workshop This quest is the guide for security best practices workshop often ran at AWS led events including AWS Summits.
- Level 300: Security Best Practices Day This quest is the guide for an AWS led event including security best practices day. Includes identity & access management, detective controls, infrastructure protection, data protection and incident response.
The following quests are aligned to the security best practice questions in AWS Well-Architected.
- Managing Credentials & Authentication
- Control Human Access
- Control Programmatic Access
- Detect and Investigate Events
- Defend Against New Threats
- Protect Networks
- Protect Compute
- Classify Data
- Protect Data at Rest
- Protect Data in Transit
- Incident Response
Licensed under the Apache 2.0 and MITnoAttr License.
Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at
or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.