Updated on: 20 December 2019
Security Helpful Resources
- AWS What's New Blog -- A resource which shows you a listing of all the new feature announcements on the AWS platform.
- AWS This Is My Architecture -- A site which contains video chalk talks discussing differnent architectures that all run on AWS.
- AWS EC2 Instance Types -- Helpful page that is a complete listing of all of the instance families and types that are available. As well as what use case they are.
- AWS Security Center -- A site built for developers, your one-stop landing page for all things related to security.
- AWS Blog Listing -- AWS publishes many great blog articles, this is a running list
- AWS Architecture Center -- AWS Architecture Center contains mainly helpful blogs, videos, and resources from an architecture perspective.
- AWS Pen Testing Policy -- Stay up to date with the latest AWS Penentration Testing Policy
- AWS Solutions -- Has pre-built solutions that you can deploy to get your app up and running quickly.
- AWS Whitepapers -- Great resource for learning best practices for the AWS Cloud.
- AWS Security Exam Guide -- Exam guide for the AWS Security Exam
- AWS Certification Exam Prep Site
- AWS Security Sample Exam
Tutorials and Great Labs
Below are some links to some great starter labs as well as tutorials to help you build solutions on AWS.
Sample Projects, Tools, and Code
The below resources are links to tools, code samples and projects.
- AWS CLI
- AWS CDK
- AWS Python 3 SDK aka boto3 Reference Doc
- AWS Trusted Advisor Tools
- AWS Config Rules Development Kit
- AWS Quick Starts
- CDK Workshop
- EKS Workshop
- Amazon Macie Activity Generator
Great Videos From Webinars / re:invent
- Cognito: Authentication for Your Applications: Getting Started with Amazon Cognito - AWS Online Tech Talks
- SSO: Deep Dive on AWS Single Sign On
- AWS Security Session re:invent 2018
- AWS Incident Response Security Session re:invent 2018
- AWS Security Hub Launch re:invent 2018
- AWS DDoS Response
Great Blog Posts
Q: What are the four main use cases for IAM Roles?
A: 1. AWS Service to Service Access 2. Cross-Account Access 3. Federation / SSO 4. Temporary Access
Q: What is the special URL where I can query metadata inside an EC2? A: curl http://169.264.169.254/latest/meta-data/
Q: What is the special URL where I can query userdata inside an EC2? A: curl http://169.264.169.254/latest/user-data/
Q: How can I audit my CloudTrail logs, specifically when they are federated with STS / SAML? A: See links below
- CloudTrail Tracks Cross-Account Activity
- CouldTrail: Audit Cross Account Roles with CloudWatch Events
- CloudTrail: Identify Federated Users
AWS and Third-Party Tools
- AWS CLI -- Command Line Interface
- AWS CLI v2 -- A version 2 update, makes SSO easier.
- AWS CDK -- Cloud Development Kit (CloudFormation via TypeScript)
- AWS ECS CLI -- AWS ECS CLI v2
- AWS SAM -- Serverless Application Model (CloudFormation for Serverless Apps)
- AWS SAM CLI Toolkit -- CLI tool for using SAM
- Serverless Framework -- Third Party Serverless CLI tool