From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep
[HOL] SSM Automation and Config Rules - Amazon Web Services (AWS) Tutorial
In this hands-on lesson, we're going to create an AWS Config rule that looks for any security group rules that allow access from any source address to port numbers other than port 80. Port 80 is fine. Obviously, we want people to be able to connect to our websites from the internet, but otherwise we're wide open. So that might be something that we want from a compliance perspective to restrict. So what we'll do is have Config looking for compliant and non-compliant resources, and then SSM Automation, so Systems Manager Automation, will be used to remediate any non-compliant resources.

In the course download in the AWS config directory, we have this config rule of remediation document. And so here we've got the general process of what we're going to do. Firstly, we'll create an IAM role for Systems Manager, and it's going to have this policy attached to it. We'll also add an inline policy with the code from this document, automation IAM role.json. Then we'll create a Config rule using…
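The compliance check described in the lesson, written out as an added example that is not part of the course files: it covers only the evaluation step (not the Systems Manager remediation) and assumes security groups in the shape returned by the EC2 `describe-security-groups` call. The function names and sample groups are constructed for illustration.

```python
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}   # "any source address", IPv4 and IPv6
ALLOWED_PORT = 80                    # the only port the lesson accepts from anywhere

def open_sources(perm):
    """Any-source CIDRs in one IpPermissions entry."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [c for c in cidrs if c in OPEN_CIDRS]

def only_port_80(perm):
    """True only for a TCP entry whose port range is exactly 80-80.
    Protocol "-1" (all traffic) carries no FromPort/ToPort and fails here."""
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort") == ALLOWED_PORT
            and perm.get("ToPort") == ALLOWED_PORT)

def evaluate_group(group):
    """Return (compliance_type, offending_entries) for one security group."""
    bad = [p for p in group.get("IpPermissions", [])
           if open_sources(p) and not only_port_80(p)]
    return ("NON_COMPLIANT" if bad else "COMPLIANT", bad)

def report(groups):
    """Map each GroupId to its compliance type."""
    return {g["GroupId"]: evaluate_group(g)[0] for g in groups}

# Constructed sample data (not from the course files); IDs are placeholders.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-ssh", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-all-v6", "IpPermissions": [
        {"IpProtocol": "-1", "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-internal", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]

if __name__ == "__main__":
    for group_id, status in report(SAMPLE_GROUPS).items():
        print(group_id, status)
```

A port range that merely includes 80 (such as 0-65535) is still flagged, because it exposes other ports to any source.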
Contents
- Section 6 - Introduction (34s)
- Secure VPC Design (10m 14s)
- [HOL] Create a Custom VPC (13m 24s)
- Stateful and Stateless Firewalls (5m 48s)
- Security Groups and Network ACLs (4m 47s)
- [HOL] Using Security Groups and NACLs (10m 28s)
- VPC Peering (7m 33s)
- [HOL] Configure VPC Peering (9m 57s)
- VPC Endpoints (4m 9s)
- [HOL] Create VPC Endpoint (9m 27s)
- AWS Site-to-Site VPN (4m 36s)
- Securing AWS Direct Connect (5m 46s)
- [HOL] VPC Flow Logs (6m 3s)
- Accessing Services – Access Keys and IAM Roles (5m 35s)
- [HOL] Access Keys and IAM Roles (13m 44s)
- Managing Amazon EC2 Security (4m 30s)
- [HOL] Connect to EC2 with Instance Connect (4m 47s)
- [HOL] Connect to EC2 with Session Manager (6m 11s)
- AWS Services in Amazon VPC (5m 18s)
- Automating Infrastructure as Code (3m 22s)
- [HOL] Create Amazon VPC with CloudFormation (11m 26s)
- Compliance with AWS Config (3m 48s)
- [HOL] SSM Automation and Config Rules (6m 29s)
- AWS Transit Gateway (10m 16s)
- VPC Sharing (2m 20s)
- AWS Service Catalog (4m 10s)
- Network Reachability and Security Tools (12m 36s)
- Network Access Analyzer (5m 27s)
- [HOL] Reviewing Findings with Network Access Analyzer (11m 17s)
- Automating Security in CI/CD (4m 19s)
- AWS Systems Manager (7m 5s)
- Systems Manager Parameter Store (2m 55s)
- Infrastructure Security Exam Cram (7m 50s)