Quick link to this page: https://bit.ly/cornell-aws-security
See "Resources" sections below for links to workshop and exercise materials.
Summary
This AWS training will cover many aspects of security in AWS, mostly focused on Identity and Access Management (IAM). The first session provides a basic introduction to IAM concepts and best practices. The second session covers intermediate and advanced IAM topics. Both sessions include hands-on exercises and coverage of Cornell-specific security configurations and tools. Both sessions are jointly presented by AWS and Cornell staff. Sessions are remotely presented over about 4 hours, including breaks and hands-on exercises.
Session 1 – AWS Security - Introduction & Basic Topics
Details
- Topic: AWS Security - Introduction & Basic Topics
- Date: Tuesday April 6, 2021
- Time: 9am - 1pm ET
- Optional Q&A: 1pm-1:30pm
- Location: Zoom. Link provided at registration.
- Cost: $0
- Registration via CULearn required.
- Registration form: https://cornell.sabacloud.com/Saba/Web_spf/NA1PRD0089/common/ledetail/cours000000000026500
- Registration deadline: March 30
Agenda
Time | Topic | Details |
---|---|---|
9:00-9:10 | Welcome & Introduction | |
9:10-9:40 | Shared Responsibility Model | |
9:40-11:00 | Identity best practices on AWS |
|
11:00-11:15 | Break | |
11:15-11:30 | Using CloudShell | |
11:30-1:00 | Practical AWS Security Basics |
|
(Optional) 1:00-1:30 | Optional Q&A |
Resources
- Presentation: TBD
- Materials
- Lab: https://bit.ly/3upu3nd (LEVEL 300: IAM TAG BASED ACCESS CONTROL FOR EC2)
- Access to Event Engine: https://dashboard.eventengine.run/login
- Cornell AWS Account Access - Hands-on Exercise
- S3 Public Access - Hands-on Exercise
- CloudCheckr CMX SSO Login
- Access to Survey: https://survey.immersionday.com/hoFPisUMg
- References
Session 2 – AWS Security - Intermediate & Advanced Topics
Details
- Topic: AWS Security - Intermediate & Advanced Topics
- Date: Wednesday April 14, 2021
- Time: 9am - 1pm ET
- Optional Q&A: 1pm-1:30pm
- Location: Zoom. Link provided at registration.
- Cost: $0
- Registration via CULearn required.
- Registration form: https://cornell.sabacloud.com/Saba/Web_spf/NA1PRD0089/common/ledetail/cours000000000026501
- Registration deadline: April 7
Agenda
Time | Topic | Details |
---|---|---|
9:00 | Welcome & Introduction | |
9:00-9:30 | IAM and Identity best practices on AWS | |
9:30-9:40 | IAM permission boundary demo | |
9:40-10:00 | IAM permissions boundary lab | https://d29727063o6tf9.cloudfront.net/permissionboundary.html |
10:00-10:25 | CloudTrail | |
10:25-10:30 | CloudTrail demo | |
10:30-10:45 | CloudTrail at Cornell | |
10:45-11:00 | CloudTrail lab | |
11:00-11:15 | Break | |
11:15-11:45 | Config Service | |
11:45-12:05 | Cornell Config Service lab | AWS Config - Hands-on Exercise |
12:05-12:35 | IAM Access Analyzer | |
12:35-1:00 | Cornell Access Analyzer lab | AWS Access Analyzer - Hands-on Exercise |
(Optional) 1:00-1:30 | Optional Q&A |
Resources
- Presentation: TBD
- Materials
Permissions Boundaries: https://d29727063o6tf9.cloudfront.net/permissionboundary.html
- CloudTrail Lab: https://workshop.aws-management.tools/cloudtrail/athena/
- Config hands-on: AWS Config - Hands-on Exercise
- Access Analyzer hands-on: AWS Access Analyzer - Hands-on Exercise
- References
- References from presentation chat