Security is a top priority for Amazon Web Services (AWS). AWS provides many tools and services to meet your unique security needs. This lab presents one solution, among many, to enhance your security: a method to automatically update your Virtual Private Cloud (VPC) security groups so that they only allow access from Amazon CloudFront and AWS Web Application Firewall (WAF). Defining security group rules this way prevents malicious requests from bypassing AWS WAF security rules and accessing your EC2 instances directly.
Level
Intermediate
Duration
1 Hour 0 Minutes
Course Objectives
In this course, you will learn how to:
- Create Amazon VPC security groups
- Create an AWS Identity and Access Management (IAM) policy
- Create an AWS Lambda function
- Test a Lambda function with sample events
- Subscribe the Lambda function to an Amazon SNS topic
Intended Audience
This course is intended for:
- Architects
- Security Engineers
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- Familiarity with AWS services, including Amazon EC2, Amazon VPC security groups, IAM roles and policies, and Amazon SNS
- Comfort logging in to and using the AWS Management Console
Course Outline
- Task 1: Create Security Groups
- Task 2: Create a Lambda Function
- Task 3: Test Your Lambda Function
- Task 4: Verify Security Group Update