This lab explains the principles of the Zero Trust model and how you can use various AWS services and features to implement these principles in the most appropriate way for your workloads. The lab focuses on applying Zero Trust principles to the service-to-service architectures used in many micro-architecture or distributed environments today.
Level
Intermediate
Duration
1 Hour 15 Minutes
Course Objectives
By the end of this lab, you will be able to do the following:
- Review the lab scenario's current-state service-to-service architecture.
- Review the existing security controls applied in the solution.
- Run an assessment to evaluate your current security posture.
- Improve the security posture using IAM authorization on the Amazon API Gateway.
- Improve the security posture using an API Gateway resource policy.
- Improve the security posture using an Amazon Virtual Private Cloud (Amazon VPC) Endpoint policy.
- Improve the security posture by tuning the VPC endpoint security group rules.
Intended Audience
This course is intended for:
- Architects
- Security Engineers
Prerequisites
To successfully complete this lab, you should be familiar with the following services or features:
- API Gateway
- AWS Identity and Access Management (IAM)
- Amazon Virtual Private Cloud (VPC)
- VPC Endpoints
Course Outline
Task 1: Review the lab scenario's current-state service-to-service architecture
Task 2: Review the existing security controls
Task 3: Run an assessment to evaluate your current security posture
Task 4: Improve your security posture using IAM authorization on the API Gateway
Task 5: Improve your security posture using API Gateway resource policy
Task 6: Improve the security posture using VPC endpoint policy
Task 7: Improve the security posture by tuning the VPC endpoint security group