Bootcamps » BUILDING SERVERLESS COMPLIANCE-AS-CODE

Description

Compliance-as-code is the concept of automating the evaluation of recorded configurations against desired configurations, from a security and well-architected perspective. Building Serverless Compliance-as-Code is a full-day, advanced-level bootcamp designed to teach you how to use, read, and write compliance-as-code to keep an AWS environment secure and optimized.

Following hands-on practice, the day will conclude with a tournament. The goal is to build innovative compliance-as-code to be made available to millions of AWS customers on the AWS public Github.

Objectives

This bootcamp teaches you how to:

  • Apply out-of-the-box rules to an AWS environment
  • Gain visibility on the current state of an environment, and remediate using AWS best practices on security and architecture
  • Create new compliance-as-code rules and make them available to the AWS community
  • Automate remediation
  • Use AWS Services: AWS CloudTrail, Amazon CloudWatch Events, Amazon SNS, AWS Config, Config Rules and AWS Lambda, Amazon EC2, Amazon S3, etc.

Intended Audience

This bootcamp is intended for:

  • Solutions architects who want to integrate testing automation in their architecture
  • Security/compliance engineers who are interested in building security controls testing
  • Developers who want to verify the standardization of their AWS environment
  • Managed-service partners to provide confidence on their services to their customers

Prerequisites

We recommend that attendees of this bootcamp have the following prerequisites:

  • Intermediate knowledge of AWS Services
  • Basic understanding of AWS API / SDK
  • Moderate proficiency in Python, Node.js, Java or C#

Delivery Method

This bootcamp is delivered through a mix of:

  • Instructor-Led Training (ILT)
  • Hands-On Labs
  • Team Tournament (Capture the Flag)

 

Note: A laptop is required in order to complete technical lab exercises; tablets are not appropriate.

Duration

One day

Outline

This bootcamp covers the following concepts:

  • Compliance-as-code
  • A variety of AWS best practices
  • AWS Config Rules
  • AWS Lambda in the context of Config Rules
  • Overview of AWS security services: AWS Config, AWS Identity Access Management (IAM), AWS Key Management Service (KMS), AWS CloudTrail, etc.