AW910: AWS™ Security Governance at Scale

Training: AWS™ - Cloud - Certification

AWS ATP Select Tier Logo

Participants receive a practical introduction to governance at scale on AWS™. The course covers how account management, budget enforcement, security, and compliance can be automated and made scalable. It addresses how preventive and detective controls are integrated to ensure transparency, control, and the protection of sensitive data.

Unfortunately there are currently no available appointments.
Would you like to request an appointment? Then click on 'No matching appointment?'

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Course Introduction
    • Instructor introduction
    • Learning objectives
    • Course structure and objectives
    • Course logistics and agenda

  • Governance at Scale
    • Governance at scale focal points
    • Business and Technical Challenges

  • Governance Automation
    • Multi-account strategies, guidance, and architecture
    • Environments for agility and governance at scale
    • Governance with AWS™ Control Tower
    • Use cases for governance at scale

  • Preventive Controls
    • Enterprise environment challenges for developers
    • AWS™ Service Catalog
    • Resource creation
    • Workflows for provisioning accounts
    • Preventive cost and security governance
    • Self-service with existing IT service management (ITSM) tools

  • Lab 1: Deploy Resources for AWS™ Catalog
    • Create a new AWS™ Service Catalog portfolio and product.
    • Add an IAM role to a launch constraint to limit the actions the product can perform.
    • Grant access for an IAM role to view the catalog items.
    • Deploy an S3 bucket from an AWS™ Service Catalog product.

  • Detective Controls
    • Operations aspect of governance at scale
    • Resource monitoring
    • Configuration rules for auditing
    • Operational insights
    • Remediation
    • Clean up accounts

  • Lab 2: Compliance and Security Automation with AWS™ Config
    • Apply Managed Rules through AWS™ Config to selected resources
    • Automate remediation based on AWS™ Config rules
    • Investigate the Amazon Config dashboard and verify resources and rule compliance

  • Lab 3: Taking Action with AWS™ Systems Manager
    • Setup Resource Groups for various resources based on common requirements
    • Perform automated actions against targeted Resource Groups

  • Resources
    • Explore additional resources for security governance at scale

 

Objectives:

In this course AW910 AWS™ Security Governance at Scale, you will learn to:
  • Establish a landing zone with AWS™ Control Tower
  • Configure AWS™ Organizations to create a multi-account environment
  • Implement identity management using AWS™ Single Sign-On users and groups
  • Federate access using AWS™ SSO
  • Enforce policies using prepackaged guardrails
  • Centralize logging using AWS™ CloudTrail and AWS™ Config
  • Enable cross-account security audits using AWS™ Identity and Access Management (IAM)
  • Define workflows for provisioning accounts using AWS™ Service Catalog and AWS™ Security Hub

Target audience:

This course AW910 AWS™ Security Governance at Scale is intended for:
  • Solution Architects
  • Security DevOps
  • Security Engineers

Prerequisites:

To participate in the course AW910 AWS™ Security Governance at Scale at qSkills™, you should have completed the following AWS™ trainings:
Optional:
  • AWS™ Cloud Management Assessment
  • Introduction to AWS™ Control Tower
  • Automated Landing Zone
  • Introduction to AWS™ Service Catalog

Description:

Security is foundational to AWS™. Governance at scale is a new concept for automating cloud governance that can help companies retire manual processes in account management, budget enforcement, and security and compliance. By automating common challenges, companies can scale without inhibiting agility, speed, or innovation. In addition, they can provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems.

In this course AW910 AWS™ Security Governance at Scale, you will learn how to facilitate developer speed and agility, and incorporate preventive and detective controls. By the end of this course, you will be able to apply governance best practices.

This course AW910 AWS™ Security Governance at Scale includes presentations, demonstrations, and assessment.

Other Info:

The course materials (E-Book) are in English language, the course language is German.
check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

750,00 € plus VAT.

(including lunch & drinks)

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.