AWS Security Solution to make your environment Safe and meet the Compliance

We align the AWS security services to the 5 epics of the Security Cloud Adoption Framework (CAF). The order of the epics tells a story. The story has some components/modules that can support it.

  • Story 1: Identity & access management

AWS Identity & Access Management (IAM)
AWS Single Sign-On
AWS Directory Service
Amazon Cognito
AWS Organizations
AWS Secrets Manager
AWS Resource Access Manager

  • Story 2: Detective controls

AWS Security Hub
Amazon GuardDuty
AWS Config
AWS CloudTrail
Amazon CloudWatch
VPC Flow Logs

  • Story 3: Infrastructure protection

AWS Systems Manager
AWS Shield
AWS WAF – Web application firewall
AWS Firewall Manager
Amazon Inspector
Amazon Virtual Private Cloud (VPC)

  • Story 4: Data protection

AWS Key Management Service (KMS)
AWS CloudHSM
AWS Certificate Manager
Amazon Macie
Server-Side Encryption

  • Story 5: Incident response

AWS Config Rules
AWS Lambda

PS:

One of AWS partner  can also help you to guide this along the way: https://www.cloudconformity.com/conformity-rules/

I will elaborate more about this in the next post, or next chance and add that information to this post.  Thanks.

Kind Regards,
Doddi Priyambodo

Please join and try the AWS Hands-on-Lab Workshops Activities for Builders!

At AWS, we consider all are builders. The innovators, the collaborators, the creators. The ones who see what doesn’t exist, and then make it exist. We believe nothing should stand in the builder’s way, and dreams never have to turn off. With AWS, it’s time to build on.. Because we are aiming to build something better for the world. In this post, for you developers who would like to make your hands dirty, you can try these hands on lab which will create a sample application based on the technology that you like. Please explore and … GO BUILD!

General resources:

Security:

Serverless:

Containers:

Amplify:

  • https://github.com/ykbryan/aws-react-native-amplify-workshop
  • https://github.com/ykbryan/aws-react-amplify-workshop
  • https://amplify-workshop.go-aws.com
  • https://github.com/aws-samples/aws-serverless-airline-booking >> create a mobile flight reservation application
  • https://github.com/aws-samples/aws-amplify-auth-workshops

Landing Zone & Migrations:

  • https://github.com/tohwsw/aws-account-factory
  • https://github.com/aws-samples/aws-datasync-migration-workshop

Database & Big Data & Data Lake:

Machine Learning and Artificial Intelligence:

Ready to use AI (Rekognition & Transcribe):

  • https://aws.amazon.com/blogs/machine-learning/exploring-images-on-social-media-using-amazon-rekognition-and-amazon-athena/
  • https://aws.amazon.com/blogs/machine-learning/discovering-and-indexing-podcast-episodes-using-amazon-transcribe-and-amazon-comprehend/
  • https://github.com/aws-samples/amazon-rekognition-engagement-meter
  • https://github.com/aws-samples/finding-missing-persons-using-social-media-and-amazon-rekognition
  • https://github.com/aws-samples/serverless-hotdog-detector
  • https://github.com/aws-samples/amazon-transcribe-websocket-static
  • https://github.com/aws-samples/aws-transcribe-captioning-tools
  • https://github.com/aws-samples/appsync-lambda-ai
  • https://aws.amazon.com/solutions/predictive-user-engagement/

Media:

  • https://github.com/aws-samples/aws-media-services-simple-live-workflow

Automation:

  • https://aws.amazon.com/blogs/mt/controlling-your-aws-costs-by-deleting-unused-amazon-ebs-volumes/
  • https://aws.amazon.com/solutions/distributed-load-testing-on-aws/

Huge resources:

One very good resource that I found, if you would like to do the “Hands-On” with AWS Well Architected Framework. You can check this link: https://www.youtube.com/playlist?list=PLhr1KZpdzukf1ERxT2lJnkpsmTPyG0_cC

AWS Official channel for Getting Started Guide (Step by Step), Free Trainings, and Ready to Deploy Solutions:

  • https://aws.amazon.com/getting-started/
  • https://aws.amazon.com/solutions/

My other Private resources: (can only be accessed if you have the credential, internal AWS account and in my personal Repository in Github, Gitlab, and CodeCommit)

While talkers Talk, builders Build!

Pssst…, here are some other “SECRET” hands-on-lab that you can try:

== Forecast Deep Dive
https://github.com/chrisking/ForecastPOC

== SageMaker Model Monitor
https://github.com/aws-samples/reinvent2019-aim362-sagemaker-debugger-model-monitor

== Container Observability
https://www.nickaws.net/aws/service_mesh/2019/12/29/AppMesh-Visibility.html

== VPC Endpoint
https://github.com/harrisn6/ako2020-vpc-endpoints/blob/master/build-ee-use1.md

== Serverless Security
https://bit.ly/secure-serverless (https://github.com/aws-samples/aws-serverless-security-workshop)

== Serverless Alien Attack Game
https://serverless.alienattack.ninja

== App Mesh
https://www.appmeshworkshop.com/

== SAP Datalake
http://tinyurl.com/wlyuo2x

== Control Tower
https://controltower.aws-management.tools/

== DynamoDB
https://amazon-dynamodb-labs.com

== Migration Gameday
https://migration-gameday.workshop.aws/en

== Data Migration
reinvent2019-data-workshop.s3-website-us-east-1.amazonaws.com

== Ignite Your Firecracker
http://ignite-your-firecracker.s3.amazonaws.com/quickstart.html
http://ignite-your-firecracker.s3.amazonaws.com/workshop.zip

== FreeRTOS Using M5
http://bit.ly/aws-afr-labs

== Personalize
https://github.com/aws-samples/amazon-personalize-samples/tree/master/getting_started
https://github.com/chrisking/PersonalizePOC/tree/master/completed

== CI/CD with Blue Green and Canary
http://bit.ly/mycdkbgws

== CloudFormation Workshop
cfn101.solution.builders.com

== Transit Gateway
https://www.networking-workshop.com/

Kind Regards,
Doddi Priyambodo