Security Governance at Scale
Skip to Scheduled Dates
Course Overview
Security is foundational to AWS. Governance at scale is a new concept for automating cloud governance that can help companies retire manual processes in account management, budget enforcement, and security and compliance. By automating common challenges, companies can scale without inhibiting agility, speed, or innovation. In addition, they can provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems. In this course, students will learn how to identify and engage opportunities for governance at scale in new and existing AWS environments. Such solutions will enable developer speed and agility, and incorporate preventive and detective controls. As a result, this model will help students provide the right operational capabilities to achieve proper governance. By the end of this course, students will be able to apply governance best practices to a typical organization’s journey and identify opportunities to improve success with AWS.
Who Should Attend
Security Engineers
Delivery and Implementation Engineers
Professional services
Cloud Center of Excellence (CCOE)
Cloud practice stakeholders
Course Objectives
- Establish a landing zone with AWS Control Tower
- Configure AWS Organizations to create a multi-account environment
- Implement identity management using AWS Single Sign-On (SSO) users and groups
- Federate access using AWS SSO
- Enforce policies using pre-packaged guardrails
- Centralize logging using AWS CloudTrail and AWS Config
- Enable cross-account security audits using AWS Identity and Access Management (IAM)
- Define workflows for provisioning accounts using AWS Service Catalog and AWS Security Hub
Course Outline
1 - Governance at Scale
- Governance at scale focal points
- Business and Technical Challenges
2 - Governance Automation
- Multi-account strategies, guidance, and architecture
- Environments for agility and governance at scale
- Governance with AWS Control Tower
- Use cases for governance at scale
3 - Preventive Controls
- Enterprise environment challenges for developers
- AWS Service Catalog
- Resource creation
- Workflows for provisioning accounts
- Preventive cost and security governance
- Self-service with existing IT service management (ITSM) tools
4 - Detective Controls
- Operations aspect of governance at scale
- Resource monitoring
- Configuration rules for auditing
- Operational insights
- Remediation
- Clean up accounts
< Back to Course Search
Class times are listed Eastern time
This is a 1-day class
Class dates not listed.
Please contact us for available dates and times.