Security Governance at Scale
Course Duration
1 Day
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
Before attending this course, participants should have completed the following: AWS Security Essentials
Course Description
This course teaches students how to implement security governance across large AWS environments. Topics include automated policy enforcement, account vending, guardrails, AWS Organizations, AWS Control Tower, AWS Config, and Security Hub — enabling teams to maintain compliance and visibility at enterprise scale.
Learning Objectives
- Establish a landing zone with AWS Control Tower
- Configure AWS Organizations to create a multi-account environment
- Implement identity management using AWS Single Sign-On (SSO) users and groups
- Federate access using AWS SSO
- Enforce policies using pre-packaged guardrails
- Centralize logging using AWS CloudTrail and AWS Config
- Enable cross-account security audits using AWS Identity and Access Management (IAM)
- Define workflows for provisioning accounts using AWS Service Catalog and AWS Security Hub
Course Outline
- 1 – Governance at Scale
- 2 – Governance Automation
- 3 – Preventive Controls
- 4 – Detective Controls