AWS-SGS - AWS Security Governance at Scale

AWS-SGS

AWS Security Governance at Scale

DLA KOGO?

Solutions Architects

STOPIEŃ TRUDNOŚCI

Średni

CZAS TRWANIA

1 dzień

METODA SZKOLENIA

Zdalnie (vILT)

CENA

2300

Security is foundational to AWS. Governance at scale is a new concept for automating cloud governance that can help companies retire manual processes in account management, budget enforcement, and security and compliance. By automating common challenges, companies can scale without inhibiting agility, speed, or innovation. In addition, they can provide decision makers with the visibility, control, and governance necessary to protect sensitive data and systems.

In this course, you will learn how to facilitate developer speed and agility, and incorporate preventive and detective controls. By the end of this course, you will be able to apply governance best practices.

DLA KOGO?

This course is intended for Solutions architects, security DevOps, and security engineers

ZDOBYTE UMIEJĘTNOŚCI

In this course, you will learn to:

Establish a landing zone with AWS Control Tower
Configure AWS Organizations to create a multi-account environment
Implement identity management using AWS Single Sign-On users and groups
Federate access using AWS SSO
Enforce policies using prepackaged guardrails
Centralize logging using AWS CloudTrail and AWS Config
Enable cross-account security audits using AWS Identity and Access Management (IAM)
Define workflows for provisioning accounts using AWS Service Catalog and AWS Security Hub

Course Introduction

Instructor introduction
Learning objectives
Course structure and objectives
Course logistics and agenda

Module 1: Governance at Scale

Governance at scale focal points
Business and Technical Challenges

Module 2: Governance Automation

Multi-account strategies, guidance, and architecture
Environments for agility and governance at scale
Governance with AWS Control Tower
Use cases for governance at scale

Module 3: Preventive Controls

Enterprise environment challenges for developers
AWS Service Catalog
Resource creation
Workflows for provisioning accounts
Preventive cost and security governance
Self-service with existing IT service management (ITSM) tools

Lab 1: Deploy Resources for AWS Catalog

Create a new AWS Service Catalog portfolio and product.
Add an IAM role to a launch constraint to limit the actions the product can perform.
Grant access for an IAM role to view the catalog items.
Deploy an S3 bucket from an AWS Service Catalog product.

Module 4: Detective Controls

Operations aspect of governance at scale
Resource monitoring
Configuration rules for auditing
Operational insights
Remediation
Clean up accounts

Lab 2: Compliance and Security Automation with AWS Config

Apply Managed Rules through AWS Config to selected resources
Automate remediation based on AWS Config rules
Investigate the Amazon Config dashboard and verify resources and rule compliance

Lab 3: Taking Action with AWS Systems Manager

Setup Resource Groups for various resources based on common requirements
Perform automated actions against targeted Resource Groups

Module 5: Resources

Explore additional resources for security governance at scale

Zobacz szczegółową agendę

Before attending this course, participants should have completed the following:

AWS Security Essentials

2300

W cenie szkolenia:

Autoryzowany instruktor
Autoryzowane materiały szkoleniowe
Laboratoria
Certyfikat ukończenia szkolenia

Podana cena jest ceną netto, do której należy doliczyć podatek VAT zgodnie z obowiązującymi przepisami

TERMINY SZKOLEŃ

date	id	code	code2	dayNumber	monthPl	monthEn	dayPl	dayEn	price	linkPl	linkEn
30.06.2025	01195c2da93c403ab81efaaff0207b7c	AZ-204	AZ-204	30	Czerwca	June	Poniedziałek	Monday	5500	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	05103543b5704ffcb79bbcbe022fe80d	PL-900	PL-900	30	Czerwca	June	Poniedziałek	Monday	1700	POPROŚ O OFERTĘ	ASK FOR A QUOTE
01.09.2025	1cac55392c6440a784095a53b0afe085	SC-200	SC-200	01	Września	September	Poniedziałek	Monday	4000	POPROŚ O OFERTĘ	ASK FOR A QUOTE
08.09.2025	22892850948d4014a971c9b1f5df5b68	PL-300	PL-300	08	Września	September	Poniedziałek	Monday	3200	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	54d36b1cb13947baad5b46a84f1762d2	AWS-ACARCH	AWS-ACARCH	30	Czerwca	June	Poniedziałek	Monday	9200	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	651c5f111c18460699bf17f06d2c3beb	GCP-SEC	GCP-SEC	30	Czerwca	June	Poniedziałek	Monday	5200	POPROŚ O OFERTĘ	ASK FOR A QUOTE
04.08.2025	6a1f8ccbcc1748359bd6a497dc5e1137	AWS-ARCH	AWS-ARCH	04	Sierpnia	August	Poniedziałek	Monday	5200	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	77cb679b21c74f658803ac6e2c3e2960	AI-3018	AI-3018	30	Czerwca	June	Poniedziałek	Monday	1700	POPROŚ O OFERTĘ	ASK FOR A QUOTE
08.09.2025	964d60725e0e411b96bb2dc9323282c0	MB-800	MB-800	08	Września	September	Poniedziałek	Monday	4500	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	97b73ed4f02d4d4ca0b80830569b7350	DP-420	DP-420	30	Czerwca	June	Poniedziałek	Monday	4000	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	b28abb3326dd464a996dc504e42a1713	AWS-MLOPS	AWS-MLOPS	30	Czerwca	June	Poniedziałek	Monday	6500	POPROŚ O OFERTĘ	ASK FOR A QUOTE
30.06.2025	f383e432856d420c8b6881f20bca9a5c	MS-4012	MS-4012	30	Czerwca	June	Poniedziałek	Monday	1700	POPROŚ O OFERTĘ	ASK FOR A QUOTE
		code				monthEn