Guided Walkthroughs

Configuration Packages

Custom Packages

By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieS3 Bucket PoliciesCloudWatch Alarms and Event RulesAWS WAFAWS Secrets ManagerAWS Systems ManagerSecurity Groups & NACLsAWS KMSAWS SSOIAM PoliciesVPC Endpoint PoliciesCloudFormation Guard RulesLoad BalancersRDS Event SubscriptionsAWS Resource Access Manager (RAM)

By Service Protected

Reference Guides

Other

Open Source Solutions

Last Updated: 3 months ago

Identity & Access Management

How-to Set Up Multi-Factor Authentication with OneLogin for Amazon WorkSpaces
Jan 07 2022 | AWS Desktop and Application Streaming Blog | WorkSpaces
How-to Use Okta Claims with Application Entitlements for Amazon AppStream 2.0
Jan 07 2022 | AWS Desktop and Application Streaming Blog | AppStream
How-to Use Amazon AppStream 2.0 application entitlements with Azure AD
Jan 07 2022 | AWS Desktop and Application Streaming Blog | AppStream
How-to Enable Secure Seamless Single Sign-On to Amazon EC2 Windows Instances with AWS SSO
Nov 23 2021 | AWS Security Blog | EC2, Systems Manager, SSO
How-to Use OneLogin SSO with Amazon AppStream 2.0
Oct 12 2021 | AWS Desktop and Application Streaming Blog | AppStream
How-to Use Okta as an Identity Provider with Amazon MWAA
Oct 07 2021 | AWS Compute Blog | MWAA, SSO
Manage your AWS Directory Service credentials using AWS Secrets Manager
Sep 28 2021 | AWS Security Blog | Managed Active Directory, Secrets Manager
How-to Use ACM Private CA for Enabling Mutual TLS in AWS App Mesh
Aug 31 2021 | AWS Security Blog | AppMesh, ACM
How-to Authenticate AWS Client VPN Users with AWS Single Sign-On
Aug 31 2021 | AWS Security Blog | SSO, Client VPN, VPN
How-to Integrate Okta with AWS Single Sign-On in an AWS Control Tower Environment
Apr 05 2021 | AWS Marketplace Blog | Control Tower, SSO
How to Relate IAM Role Activity to Corporate Identity
Jan 07 2021 | AWS Security Blog | IAM
Limit Interactive Session Commands by Groups of Users using AWS Systems Manager
Dec 31 2020 | AWS Management Blog | Systems Manager, IAM
How-to Automate Mutual TLS Setup for Amazon API Gateway
Dec 22 2020 | AWS Compute Blog | API Gateway
How-to Incorporate Security in Code-Reviews using Amazon CodeGuru Reviewer
Dec 18 2020 | AWS Desktop and Application Streaming Blog | AppStream
How-to Add SAML Authentication to an Amazon AppStream 2.0 SaaS Portal
Dec 18 2020 | AWS Desktop and Application Streaming Blog | AppStream
How to Bulk Import Users and Groups from CSV into AWS SSO
Dec 14 2020 | AWS Security Blog | SSO
Implementing Fine-Grained Access Control in Amazon Elasticsearch Service
Dec 09 2020 | AWS Security Blog | Elasticsearch, Cognito
How to Secure Amazon WorkSpaces for External Users
Nov 10 2020 | AWS Security Blog | Workspaces
Enabling Identity Federation with Shibboleth and Amazon AppStream 2.0
Oct 28 2020 | AWS Desktop and Application Streaming Blog | AppStream
Enabling Amazon QuickSight Federation with Azure AD
Sep 28 2020 | AWS Big Data Blog | QuickSight
Integrating FreeRADIUS MFA with Amazon WorkSpaces
Sep 24 2020 | AWS Desktop and Application Streaming Blog | WorkSpaces
How-to Secure deployment of Amazon SageMaker resources
Aug 03 2020 | AWS Security Blog | SageMaker, IAM
Configure Session Manager access for federated users using SAML session tags
Jul 13 2020 | AWS Management Blog | EC2, IAM, Systems Manager
Cross-Account IAM Roles for Kubernetes Service Accounts
Jul 07 2020 | AWS Containers Blog | EKS
Monitoring AWS Certificate Manager Private CA Events with AWS Security Hub
Jul 02 2020 | AWS Security Blog | ACM, Security Hub
Automatic Remediation for Aged IAM Access Keys using AWS Config
Jun 22 2020 | AWS Management Blog | Systems Manager, Config, IAM
Manage Amazon EKS with Okta SSO
Jun 01 2020 | AWS Network Blog | EKS
How to Set Up G Suite SAML 2.0 Federation with Amazon AppStream 2.0
May 29 2020 | AWS Desktop and Application Streaming Blog | AppStream
How-to Create IAM SAML Providers in CloudFormation
May 26 2020 | AWS Security Blog | IAM
How-to Enable Single Sign-On Between OneLogin and AWS
May 12 2020 | AWS Architecture Blog | SSO
Identify Unintended Resource Access with AWS IAM Access Analyzer
Dec 02 2019 | AWS News Blog | IAM, S3, Lambda, SQS
How-to Create a Curated Digital Catalog of AWS Marketplace Products in a Multi-Account Environment
Oct 29 2019 | AWS Marketplace Blog | Marketplace, Service Catalog
How to use AWS Secrets Manager to securely store and rotate SSH key pairs
Sep 18 2019 | AWS Security Blog | Secrets Manager, EC2
How to Federate Amazon QuickSight access with Okta
Sep 13 2019 | AWS Big Data Blog | QuickSight, IAM
HTTP Cookie Based Authentication for CloudFront with Lambda@Edge and Cognito
Aug 16 2019 | AWS Network Blog | CloudFront, Lambda
Escalating AWS IAM Privileges Part 2
Jul 23 2019 | rhinosecuritylabs | IAM
How to Use Secrets Manager in CloudFormation to Generate, Store or Retrieve Passwords
Jul 02 2019 | AWS Infrastructure & Automation Blog | Secrets Manager, CloudFormation
Set Up Workspaces and Amazon Connect Profiles When Users are Created in Managed Microsoft AD
Jun 28 2019 | AWS Compute Blog | Managed Active Directory, WorkSpaces, Connect
How to Prompt Users to Reset their AWS Managed Microsoft AD Passwords Proactively
Jun 20 2019 | AWS Security Blog | Managed Active Directory
How to Securely Store Credentials using AWS Secrets Manager with AWS Fargate
Jun 17 2019 | AWS Compute Blog | Secrets Manager, Fargate
How to Use Okta as an identity provider with AWS Transfer for SFTP
May 30 2019 | AWS Storage Blog | IAM, AWS SFTP
How to Enable federation for Amazon Connect with AWS Single Sign-On
May 30 2019 | AWS Contact Center Blog | Connect, IAM, SSO
How to Configure Single Sign-On for Amazon Connect Using Okta
May 01 2019 | AWS Contact Center Blog | Connect, IAM
How to Integrate Microsoft Azure MFA Server with Amazon WorkSpaces
Apr 29 2019 | AWS Desktop and Application Streaming Blog | WorkSpaces
Create a Self-Service Portal for Amazon WorkSpaces End Users
Apr 22 2019 | AWS Desktop and Application Streaming Blog | WorkSpaces
How to Limit Access to Stream Amazon AppStream 2.0 Applications based on IP ranges
Apr 11 2019 | AWS Desktop and Application Streaming Blog | AppStream
How to Integrate Okta MFA with Amazon WorkSpaces
Apr 02 2019 | AWS Desktop and Application Streaming Blog | WorkSpaces
How to audit AWS IAM and Resource Policies
Mar 26 2019 | AWS Datbase Blog | IAM
How to rotate Amazon DocumentDB and Amazon Redshift credentials in AWS Secrets Manager
Mar 15 2019 | AWS Security Blog | Secrets Manager, Redshift, DocumentDB
How to Enable Secure Access to Kibana using AWS Single Sign-On
Jan 30 2019 | AWS Security Blog | Elasticsearch, SSO
Using AWS SSM Parameter Store With Git SSH Keys
Dec 20 2018 | alestic.com | Systems Manager
Enable federation with AWS Single Sign-On and Amazon AppStream 2.0
Nov 20 2018 | AWS Desktop and Application Streaming Blog | SSO, AppStream
Automate replication of secrets in AWS Secrets Manager across AWS Regions
Nov 20 2018 | AWS Security Blog | Secrets Manager
Securing access to AMIs in AWS Marketplace
Nov 19 2018 | AWS Security Blog | IAM, Marketplace, EC2
How to rotate a non-RDS MySQL database secret using AWS Secrets Manager
Oct 8 2018 | AWS Security Blog | Secrets Manager, EKS
Using Federated Identities with AWS CodeCommit
Oct 5 2018 | AWS DevOps Blog | CodeCommit, SSO
Restrict Access to EC2 Instances Based on Tags
Aug 07 2018 | cloudonaut.io | EC2, IAM, Tags
Configure Secrets Manager for MongoDB
Jul 07 2018 | sanderknape.com | Secrets Manager
Control Access to AWS Regions using IAM policies
Apr 25 2018 | AWS Security Blog | AWS, IAM
How to Enable Multi-Factor Authentication for AWS Services such as Amazon Workspaces and QuickSight
Feb 13 2017 | AWS Security Blog | WorkSpaces, QuickSight, AWS Managed AD

Logging & Monitoring

Analyze AWS WAF Logs using Amazon OpenSearch Service Anomaly Detection
Jan 24 2022 | AWS Security Blog | WAF, Elasticsearch
How-to Enrich AWS Security Hub Findings with Account Metadata
Jan 21 2022 | AWS Security Blog | Security Hub
How-to Automate Alerting on Amazon WorkSpaces Service Limits
Jan 07 2022 | AWS Desktop and Application Streaming Blog | WorkSpaces
How-to Disable Security Hub Controls in a Multi-Account Environment
Jan 06 2022 | AWS Security Blog | Security Hub
Simplify Setup of Amazon Detective with AWS Organizations
Dec 22 2021 | AWS Security Blog | Detective
How-to Find Public IPs of Resources with AWS Config
Dec 21 2021 | AWS Architecture Blog | Config
Analyze Cross-Account AWS KMS Call Usage with AWS CloudTrail and Amazon Athena
Dec 21 2021 | AWS Architecture Blog | KMS, CloudTrail
How-to Create Auto-Suppression Rules in AWS Security Hub
Jul 19 2021 | AWS Security Blog | Security Hub
How-to Monitor and Track Failed Logins for AWS Managed Microsoft AD
Jul 02 2021 | AWS Security Blog | AWS Managed AD
Configure Notifications to Monitor AWS Backup Jobs
Jun 17 2021 | AWS Storage Blog | Backup
How-to Import AWS IoT Device Defender Audit Findings into Security Hub
May 24 2021 | AWS Security Blog | Security Hub, IoT Device Defender
How-to Set up a Recurring Security Hub Summary Email
Feb 24 2021 | AWS Security Blog | Security Hub
How-to Continuously Audit and Limit Security Groups with AWS Firewall Manager
Feb 18 2021 | AWS Security Blog | EC2, VPC, Firewall Manager
How-to Configure DNSSEC Signing and Validation with Amazon Route 53
Feb 04 2021 | AWS Network Blog | Route53, VPC
Build a SIEM on Amazon Elasticsearch Service
Nov 16 2020 | AWS Samples | Elasticsearch
Investigate VPC flows with Amazon Detective
Nov 16 2020 | AWS Security Blog | Detective, VPC
Using AWS Systems Manager OpsCenter and AWS Config for Compliance Monitoring
Oct 28 2020 | AWS Management Blog | Systems Manager, Config
Deploy Security Guardrails in AWS Organizations using Terraform
Oct 20 2020 | AWS Management Blog | Config
Enabling Amazon GuardDuty in AWS Control Tower using Delegated Administrator
Oct 08 2020 | AWS Management Blog | GuardDuty, Control Tower
How to Automatically Parse Route 53 Resolver Query Logs with Amazon Athena
Oct 06 2020 | AWS Network Blog | VPC, EC2, Route53
Automating Amazon CloudWatch Alarms with AWS Systems Manager
Sep 23 2020 | AWS Management Blog | Systems Manager, CloudWatch, EC2
Analyze access patterns in Amazon WorkSpaces
Sep 14 2020 | AWS Desktop and Application Streaming Blog | WorkSpaces
Securing Kubernetes applications with AWS App Mesh and cert-manager
Sep 14 2020 | AWS Containers Blog | EKS, AppMesh
Creating Realtime Dashboards using Amazon CloudFront Logs
Sep 02 2020 | AWS Network Blog | CloudFront
VPC Flow Log Automation using AWS Control Tower LifeCycle
Aug 23 2020 | AWS Management Blog | VPC, Control Tower
How-to Automate the Enrichment of AWS Alerts
Aug 18 2020 | Expel | CloudTrail, GuardDuty
Creating a Secure DevOps Pipeline for AWS Service Catalog
Aug 06 2020 | AWS Management Blog | Service Catalog
CIS Amazon EKS Benchmark Overview
Jul 21 2020 | AWS Containers Blog | EKS
How to Create a Centralized Dashboard for AWS WAF Logs
Jul 08 2020 | AWS Security Blog | WAF
Centralize Amazon CloudWatch Logs using AWS CDK
May 27 2020 | AWS Developer Blog | AppStream
Amazon Macie Features and How-To Guide
May 13 2020 | AWS News Blog | Macie
Enabling AWS Security Hub Integration with Slack using AWS Chatbot
May 08 2020 | AWS Security Blog | Security Hub
Using VPC Flow Logs to Capture and Query EKS Network Communications
Apr 17 2020 | AWS Network Blog | EKS, VPC, Athena
Enable Automatic Logging of AWS WAF Web ACLs by Using AWS Config
Apr 10 2020 | AWS Security Blog | WAF, Config
Automating AWS Security Hub Alerts with AWS Control Tower Lifecycle Events
Mar 26 2020 | AWS Management Blog | Security Hub, Control Tower
Aggregating logs with S3 Same-Region Replication
Jan 08 2020 | AWS Storage Blog | S3
How to import AWS Config rules evaluations as findings in Security Hub
Dec 23 2019 | AWS Security Blog | Security Hub, Config
Centralizing Windows Logs with Amazon Elasticsearch Services
Oct 25 2019 | AWS Compute Blog | Elasticsearch
How-to Use Control Tower to Implement Guardrails and Detect Violations
Oct 08 2019 | AWS Management Tools Blog | Control Tower
How to Send Budget Alerts to Slack or Chime using AWS Chatbot
Jul 31 2019 | AWS Cost Management Blog | Budgets
How to Automate the Creation of Amazon CloudWatch Alarms with AWS CloudFormation Macros
Jul 23 2019 | AWS Infrastructure & Automation Blog | CloudFormation, CloudWatch
How to Set Up Alerts in Amazon Elasticsearch Service
Jul 09 2019 | AWS Big Data Blog | Elasticsearch
How to Query AWS Service Logs on S3 Using Amazon Athena
May 29 2019 | AWS Big Data Blog | S3, CloudTrail, VPC, Load Balancer, CloudFront
Set up Centralised Logging for Lambda@Edge
May 10 2019 | medium.com/@stefanroman | CloudFront, Lambda
How to Monitor Amazon WorkSpaces Login Connections
Mar 04 2019 | AWS Desktop and Application Streaming Blog | WorkSpaces
How to visualize Amazon GuardDuty findings with Amazon QuickSight
Feb 18 2019 | AWS Security Blog | GuardDuty, QuickSight
How to Enable Forward AWS Security Hub Events to Slack or Email
Dec 13 2018 | AWS Partner Blog | Security Hub
How to analyze AWS WAF logs using Amazon Elasticsearch Service
Oct 30 2018 | AWS Security Blog | Elasticsearch, WAF
Visualizing Amazon GuardDuty findings
Sep 06 2018 | AWS Security Blog | GuardDuty
How to Enable Forward Amazon GuardDuty Findings to Slack
Jul 28 2018 | AWS Code Samples | Security Hub
Clean up logs in S3 Buckets using Athena
May 14 2018 | cloudonaut.io | S3, Athena
Collect custom metrics from EC2 instances
May 11 2018 | https://medium.com/@zeebaig | EC2, CloudWatch
Central Logging Solution for Applications in Multi-Account Environments
Mar 02 2018 | AWS Architecture Blog | AWS, Kinesis, CloudWatch
CloudWatch Alarms to Slack Integration
Nov 01 2017 | cloudonaut.io | CloudWatch, Slack
AWS Honeytokens: Breach Detection At Scale With PROJECT SPACECRAB
Oct 19 2017 | developer.atlassian.com | AWS

Backup & Disaster Recovery

Management

How-to Automate VPC Tagging with AWS Control Tower Lifecycle Events
Jan 12 2022 | AWS Infrastructure & Automating Blog | Control Tower, Tags
How-to Automate Alerting on Amazon WorkSpaces Service Limits
Jan 07 2022 | AWS Desktop and Application Streaming Blog | WorkSpaces
How-to Use AWS Control Tower to Deploy AWS Quick Starts to Multiple Accounts
Nov 09 2021 | AWS Infrastructure & Automating Blog | Control Tower
Manage your AWS Directory Service credentials using AWS Secrets Manager
Sep 28 2021 | AWS Security Blog | Managed Active Directory, Secrets Manager
How to Organize Cost and Usage Data with AWS Cost Categories
May 06 2020 | AWS Cost Management Blog | Cost Explorer, Budget
Remediating Non-Compliant AWS Service Catalog Products using AWS Config
Apr 09 2020 | AWS Management Blog | Service Catalog
Manage Amazon Elastic File System (EFS) Costs using AWS Budgets
Feb 25 2020 | AWS Cost Management Blog | Budgets, EFS
How to Monitor Service Usage with CloudWatch Alarms and Service Quotas
Dec 21 2019 | AWS Management Tools Blog | CloudWatch, Service Quota
Manage Tags Across Multiple AWS Accounts with Tag Policies
Nov 25 2019 | AWS Security Blog | Tags
How-to Use Control Tower to Implement Guardrails and Detect Violations
Oct 08 2019 | AWS Management Tools Blog | Control Tower
How to Create a Budget for Service Catalog Products
Sep 13 2019 | AWS Cost Management Blog | Budgets
Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB
Aug 09 2019 | AWS Management Tools Blog | EC2, Config, ServiceNow
How to Send Budget Alerts to Slack or Chime using AWS Chatbot
Jul 31 2019 | AWS Cost Management Blog | Budgets
Automating life-cycle management for ephemeral resources using AWS Service Catalog
Jul 22 2019 | AWS Infrastructure & Automation Blog | Service Catalog
How to Query AWS Cost and Usage Report using Amazon Athena
Jul 08 2019 | AWS Cost Management Blog | AWS
Set Up Workspaces and Amazon Connect Profiles When Users are Created in Managed Microsoft AD
Jun 28 2019 | AWS Compute Blog | Managed Active Directory, WorkSpaces, Connect
How to Install and Configure the AWS Service Catalog Connector for ServiceNow
May 22 2019 | AWS Management Tools Blog | Service Catalog, ServiceNow
Enable Self-Service, Secured Data Science using Amazon SageMaker Notebooks and AWS Service Catalog
Mar 29 2019 | AWS Management Tools Blog | SageMaker, Service Catalog
How to audit AWS IAM and Resource Policies
Mar 26 2019 | AWS Datbase Blog | IAM
Automate enabling AWS Security Hub in Multi-Account Environments
Jan 31 2019 | AWS Security Blog | Security Hub
Securing access to AMIs in AWS Marketplace
Nov 19 2018 | AWS Security Blog | IAM, Marketplace, EC2
How to Query for the latest Windows AMI ID using AWS SSM Parameter Store
Nov 17 2018 | AWS Management Tools Blog | Systems Manager, EC2
Create On-Demand Secure Partitions for Application using AWS Service Catalog
Oct 11 2018 | AWS Management Tools Blog | IAM, Service Catalog
How to Enable Self-Service Amazon WorkSpaces by Using AWS Service Catalog Connector for ServiceNow
Jul 16 2018 | AWS Management Tools Blog | Service Catalog, WorkSpaces, ServiceNow
How to Query for the latest Amazon Linux AMI IDs using AWS SSM Parameter Store
Jun 18 2018 | AWS Management Tools Blog | Systems Manager, EC2
AWS Instance Scheduler
Feb 17 2018 | AWS Answers | EC2, RDS
How to Automate End-to-End Account Creation with AWS Organizations
Jul 24 2017 | AWS Security Blog | Organizations

Infrastructure Security

How-to Automate Amazon WorkSpaces custom images across AWS Regions
Jan 07 2022 | AWS Desktop and Application Streaming Blog | WorkSpaces
Container Scanning in Amazon ECR Private Registries using Amazon Inspector
Dec 17 2021 | AWS Containers Blog | ECR, Inspector
Protect Workspaces Environments with AWS DNS Firewall and AWS Network Firewall
Sep 17 2021 | AWS Security Blog | Workspaces, Network Firewall, DNS Firewall
How-to Automate Forensic Disk Collection in AWS
Aug 24 2021 | AWS Security Blog | EC2
How-to Protect Amazon EKS Web Apps with AWS WAF
Aug 02 2021 | AWS Container Blog | WAF, EKS
How-to Implement a Centralized Patching Solution Across Multiple AWS Regions
Jul 19 2021 | AWS Security Blog | EC2, Systems Manager
EC2 AMI updates with capacity providers in Amazon ECS
Jun 17 2021 | AWS Containers Blog | ECS
Hands-on Walkthrough of the AWS Network Firewall Flexible Rules Engine
Apr 27 2021 | AWS Security Blog | VPC, Network Firewall
Adding MACsec security to AWS Direct Connect connections
Apr 21 2021 | AWS Network Blog | Direct Connect
Automatically Block Suspicious Traffic with AWS Network Firewall and Amazon GuardDuty
Mar 16 2021 | AWS Security Blog | GuardDuty, Network Firewall
How Amazon Uses Amazon AppStream 2.0 to Provide Access to Sensitive Data
Mar 10 2021 | AWS Desktop and Application Streaming Blog | AppStream
How-to Configure DNSSEC Signing and Validation with Amazon Route 53
Feb 04 2021 | AWS Network Blog | Route53, VPC
How to Enforce AWS Network Firewall Protections at Scale with AWS Firewall Manager
Dec 04 2020 | AWS Security Blog | Network Firewall, Firewall Manager
How-to Create ServiceNow Incidents for AWS License Manager Notifications
Nov 23 2020 | AWS Management Blog | License Manager
How to Set up Centralized Monitoring for DDoS events and Auto-Remediate Noncompliant Resources
Nov 19 2020 | AWS Security Blog | Shield, Firewall Manager, Security Hub
How to Centrally Manage AWS WAF and AWS Managed Rules at Scale with Firewall Manager
Nov 17 2020 | AWS Security Blog | WAF, Firewall Manager
How to Secure Amazon WorkSpaces for External Users
Nov 10 2020 | AWS Security Blog | Workspaces
Automate Shared VPC and Security Group Provisioning using Control Tower Lifecycle Events
Oct 28 2020 | AWS Management Blog | VPC, Control Tower, Firewall Manager, EC2
How to enhance Amazon CloudFront origin security with AWS WAF and AWS Secrets Manager
Oct 22 2020 | AWS Security Blog | WAF, CloudFront, Secrets Manager
Use AWS Firewall Manager to Deploy Protection at Scale in AWS Organizations
Oct 14 2020 | AWS Security Blog | VPC, EC2, Firewall Manager, WAF
Isolating network access for AWS Cloud9 environments
Sep 29 2020 | AWS Security Blog | Cloud9
Designing a Secure Container Image Registry
Sep 25 2020 | AWS Containers Blog | ECR
Securing Kubernetes applications with AWS App Mesh and cert-manager
Sep 14 2020 | AWS Containers Blog | EKS, AppMesh
Integrating AWS CloudFormation Security Tests with AWS Security Hub and AWS CodeBuild Reports
Sep 14 2020 | AWS Security Blog | CloudFormation, CloudFormation Guard
How to configure an LDAPS endpoint for Simple AD
Sep 09 2020 | AWS Security Blog | SimpleAD
Defense in depth using AWS Managed Rules for AWS WAF
Sep 02 2020 | AWS Security Blog | WAF
Write Preventive Compliance Rules for AWS CloudFormation Templates the cfn-guard way
Aug 04 2020 | AWS Management Blog | CloudFormation, CloudFormation Guard
Migrating Rules from AWS WAF Classic to AWS WAF v2
Aug 04 2020 | AWS Security Blog | WAF
How-to Secure deployment of Amazon SageMaker resources
Aug 03 2020 | AWS Security Blog | SageMaker, IAM
CIS Amazon EKS Benchmark Overview
Jul 21 2020 | AWS Containers Blog | EKS
Using Calico on Amazon EKS Windows Containers
Jun 15 2020 | AWS Containers Blog | EKS
How to Perform Automated Incident Response in a Multi-Account Environment
Jun 01 2020 | AWS Security Blog | GuardDuty, Security Hub, Systems Manager
How-to Scale Remote Access VPN on AWS
Apr 30 2020 | AWS Network Blog | EC2, VPC
Using EKS Encryption Provider Support for Defense-in-Depth
Mar 05 2020 | AWS Containers Blog | EKS
How-to Secure VPCs Egress using IDS/IPS leveraging Transit Gateway
Jan 14 2020 | AWS Network Blog | EC2, VPC, Transit Gateway
How to integrate third-party firewall appliances into an AWS environment
Jan 11 2020 | AWS Network Blog | EC2, VPC, Transit Gateway
Auto Remediation Example Using Amazon GuardDuty and Security Hub
Nov 26 2019 | AWS Security Blog | Security Hub, GuardDuty, EventBridge
How-to Forward Prowler Security Configuration Findings to Security Hub
Nov 26 2019 | AWS Security Blog | Security Hub
How to use AWS Managed Rules for AWS WAF
Nov 25 2019 | AWS Security Blog | WAF
How to Access Private S3 Buckets from CloudFormation Templates for Bootstrapping EC2 Instances
Nov 19 2019 | AWS Infrastructure & Automation Blog | CloudFormation, EC2
CloudFormation Best Practices for Deploying EC2 Instances Securely
Nov 15 2019 | AWS Infrastructure & Automation Blog | CloudFormation, EC2
How-to Create a Single internet Exit Point from Multiple VPCs Using AWS Transit Gateway
Oct 29 2019 | AWS Network Blog | Transit Gateway, EC2, VPC
How-to Create a Curated Digital Catalog of AWS Marketplace Products in a Multi-Account Environment
Oct 29 2019 | AWS Marketplace Blog | Marketplace, Service Catalog
How to Add URL Filtering to Your NAT Instance with Squid
Sep 23 2019 | AWS Security Blog | EC2
How to Automate the Creation of Amazon CloudWatch Alarms with AWS CloudFormation Macros
Jul 23 2019 | AWS Infrastructure & Automation Blog | CloudFormation, CloudWatch
Automating life-cycle management for ephemeral resources using AWS Service Catalog
Jul 22 2019 | AWS Infrastructure & Automation Blog | Service Catalog
How to Centralize DNS Management of Hybrid Cloud with Amazon Route 53 and AWS Transit Gateway
May 03 2019 | AWS Network Blog | VPC, Route 53, Transit Gateway
Setting up OpenVPN Access Server in Amazon VPC
Mar 26 2019 | AWS Marketplace Blog | VPC, OpenVPN
Bulid a Serverless OpenVPN Certificate Authority on AWS
Mar 07 2019 | medium.com/empathybroker | VPC
How to Create an Opportunistic IPSec Mesh between EC2 Instances
Dec 20 2018 | AWS Security Blog | EC2, VPN, VPC
Best Practices for Securing Amazon EMR
Dec 14 2018 | AWS Big Data Blog | EMR, IAM
Protecting your API using AWS WAF
Nov 19 2018 | AWS Compute Blog | API Gateway, WAF
Create On-Demand Secure Partitions for Application using AWS Service Catalog
Oct 11 2018 | AWS Management Tools Blog | IAM, Service Catalog
Restrict Access to EC2 Instances Based on Tags
Aug 07 2018 | cloudonaut.io | EC2, IAM, Tags
Automate Security Group Updates with AWS Lambda
Oct 24 2017 | AWS Compute Blog | EC2
Basic HTTP Authentication for a Static Website Hosted on AWS S3
Aug 30 2017 | hackernoon.com/@lmakarov | S3, CloudFront
Implementing DevSecOps Using AWS CodePipeline
Mar 23 2017 | AWS Security Blog | CodePipeline, CloudFormation

Data Protection

How-to Create AWS Lambda Environment Variables from AWS Secrets Manager
Oct 28 2021 | AWS Compute Blog | Lambda, Secrets Manager
How-to Enable Data Classification for Amazon RDS with Macie
Oct 05 2021 | AWS Security Blog | Macie, RDS
How-to Enable Data Classification for Amazon RDS with Macie
Oct 05 2021 | AWS Security Blog | Macie, RDS
How-to Implement a Hybrid PKI Solution on AWS
May 26 2021 | AWS Security Blog | ACM
Data Masking using AWS DMS
May 25 2021 | AWS Database Blog | DMS, RDS, S3
Discovering Sensitive Data in AWS CodeCommit with AWS Lambda
Jan 04 2021 | AWS Compute Blog | CodeCommit
Detecting Sensitive Data in DynamoDB with Macie
Dec 11 2020 | AWS Security Blog | DynamoDB, Macie
Implementing Fine-Grained Access Control in Amazon Elasticsearch Service
Dec 09 2020 | AWS Security Blog | Elasticsearch, Cognito
Architecting for Database Encryption on AWS
Oct 08 2020 | AWS Security Blog | RDS, KMS
How-to Secure deployment of Amazon SageMaker resources
Aug 03 2020 | AWS Security Blog | SageMaker, IAM
Securing and Accessing Secrets from Lambda@Edge using AWS Secrets Manager
Jul 20 2020 | AWS Network Blog | CloudFront, Secrets Manager
Serving SSE-KMS Encrypted Content from S3 using CloudFront
May 15 2020 | AWS Network Blog | CloudFront, S3
Amazon Macie Features and How-To Guide
May 13 2020 | AWS News Blog | Macie
Using EKS Encryption Provider Support for Defense-in-Depth
Mar 05 2020 | AWS Containers Blog | EKS
Simple DLP for AWS S3
Feb 18 2020 | darkbit.io/ | S3
Use Customer Managed KMS Keys to Encrypt DynamoDB Tables
Nov 26 2019 | AWS Database Blog | DynamoDB
Best Practices for Securing Sensitive Data in Amazon DynamoDB
Nov 11 2019 | AWS Database Blog | DynamoDB
How to Protect data with Amazon S3 Object Lock
Sep 05 2019 | AWS Storage Blog | S3
HTTP Cookie Based Authentication for CloudFront with Lambda@Edge and Cognito
Aug 16 2019 | AWS Network Blog | CloudFront, Lambda
How to Use Secrets Manager in CloudFormation to Generate, Store or Retrieve Passwords
Jul 02 2019 | AWS Infrastructure & Automation Blog | Secrets Manager, CloudFormation
Best Practices for Securing Amazon EMR
Dec 14 2018 | AWS Big Data Blog | EMR, IAM
Configure Secrets Manager for MongoDB
Jul 07 2018 | sanderknape.com | Secrets Manager
Serverless Anti-Virus Scanning solution for S3
Sep 28 2017 | github.com/upsidetravel | S3

Threat Detection

How-to Automate Forensic Disk Collection in AWS
Aug 24 2021 | AWS Security Blog | EC2
How-to Protect Amazon EKS Web Apps with AWS WAF
Aug 02 2021 | AWS Container Blog | WAF, EKS
Automatically Block Suspicious Traffic with AWS Network Firewall and Amazon GuardDuty
Mar 16 2021 | AWS Security Blog | GuardDuty, Network Firewall
Enabling Amazon GuardDuty in AWS Control Tower using Delegated Administrator
Oct 08 2020 | AWS Management Blog | GuardDuty, Control Tower
How to Create a Centralized Dashboard for AWS WAF Logs
Jul 08 2020 | AWS Security Blog | WAF
How to use AWS Managed Rules for AWS WAF
Nov 25 2019 | AWS Security Blog | WAF
Best Practices for Setting Up and Using AWS Security Hub
Aug 23 2019 | AWS Security Blog | Security Hub
Integrate Cloud Custodian with AWS Security Hub
Nov 29 2018 | AWS Open Source Blog | Security Hub, Cloud Custodian
Protecting your API using AWS WAF
Nov 19 2018 | AWS Compute Blog | API Gateway, WAF
How to analyze AWS WAF logs using Amazon Elasticsearch Service
Oct 30 2018 | AWS Security Blog | Elasticsearch, WAF
Visualizing Amazon GuardDuty findings
Sep 06 2018 | AWS Security Blog | GuardDuty
AWS Honeytokens: Breach Detection At Scale With PROJECT SPACECRAB
Oct 19 2017 | developer.atlassian.com | AWS
Serverless Anti-Virus Scanning solution for S3
Sep 28 2017 | github.com/upsidetravel | S3

Automatic Remediation

How-to Monitor Amazon EventBridge Events in Slack channels with AWS Chatbot
Jun 08 2021 | AWS Management Blog | Chatbot, EventBridge, CloudWatch
Automatically Block Suspicious Traffic with AWS Network Firewall and Amazon GuardDuty
Mar 16 2021 | AWS Security Blog | GuardDuty, Network Firewall
How to Automate Incident Response in the AWS Cloud for EC2 Instances
Oct 20 2020 | AWS Security Blog | WAF, CloudFront, Secrets Manager
Automatic Remediation for Aged IAM Access Keys using AWS Config
Jun 22 2020 | AWS Management Blog | Systems Manager, Config, IAM
How to Perform Automated Incident Response in a Multi-Account Environment
Jun 01 2020 | AWS Security Blog | GuardDuty, Security Hub, Systems Manager
Enable Automatic Logging of AWS WAF Web ACLs by Using AWS Config
Apr 10 2020 | AWS Security Blog | WAF, Config
Remediating Non-Compliant AWS Service Catalog Products using AWS Config
Apr 09 2020 | AWS Management Blog | Service Catalog
How-to Automate Response and Remediation with AWS Security Hub
Jan 29 2020 | AWS Security Blog | AWS, Security Hub
Auto Remediation Example Using Amazon GuardDuty and Security Hub
Nov 26 2019 | AWS Security Blog | Security Hub, GuardDuty, EventBridge

Billing

Trends Dashboard with AWS Cost and Usage Reports, Amazon Athena and Amazon QuickSight
Jun 10 2021 | AWS Cost Management Blog | Cost & Usage Reports
Cost Tagging and Reporting with AWS Organizations
May 12 2021 | AWS Cost Management Blog | Tags, Organizations
Cost Reporting Based on AWS Organizations Account ID Tags
Mar 04 2021 | AWS Cost Management Blog | Organizations
How to Organize Cost and Usage Data with AWS Cost Categories
May 06 2020 | AWS Cost Management Blog | Cost Explorer, Budget
Manage Amazon Elastic File System (EFS) Costs using AWS Budgets
Feb 25 2020 | AWS Cost Management Blog | Budgets, EFS
How to Create a Budget for Service Catalog Products
Sep 13 2019 | AWS Cost Management Blog | Budgets
How to Send Budget Alerts to Slack or Chime using AWS Chatbot
Jul 31 2019 | AWS Cost Management Blog | Budgets
How to Query AWS Cost and Usage Report using Amazon Athena
Jul 08 2019 | AWS Cost Management Blog | AWS

EC2 Instance Security

Testing EC2 Image Builder pipelines using Chef InSpec
Feb 04 2021 | AWS Compute Blog | EC2
How to Enforce AWS Network Firewall Protections at Scale with AWS Firewall Manager
Dec 04 2020 | AWS Security Blog | Network Firewall, Firewall Manager
How to Automate Incident Response in the AWS Cloud for EC2 Instances
Oct 20 2020 | AWS Security Blog | WAF, CloudFront, Secrets Manager
Use AWS Firewall Manager to Deploy Protection at Scale in AWS Organizations
Oct 14 2020 | AWS Security Blog | VPC, EC2, Firewall Manager, WAF
Software Patch Using AWS Management Tools CI/CD and Terraform
Jun 23 2020 | AWS Management Blog | Systems Manager, EC2
Automate OS Image Build Pipelines with EC2 Image Builder
Dec 02 2019 | AWS News Blog | EC2, Image Builder, Inspector
Auto-populate instance details by integrating AWS Config with your ServiceNow CMDB
Aug 09 2019 | AWS Management Tools Blog | EC2, Config, ServiceNow
How to Create an Opportunistic IPSec Mesh between EC2 Instances
Dec 20 2018 | AWS Security Blog | EC2, VPN, VPC
How to patch Windows EC2 instances in private subnets Using AWS Systems Manager
Dec 14 2018 | AWS Management Tools Blog | Systems Manager, EC2
Extend golden AMIs with AWS Marketplace Private Image Build
Nov 8 2018 | AWS Marketplace Blog | Marketplace, EC2
Restrict Access to EC2 Instances Based on Tags
Aug 07 2018 | cloudonaut.io | EC2, IAM, Tags
Preventing blacklisted applications with AWS Systems Manager and AWS Config
Apr 26 2018 | AWS Management Tools Blog | EC2, Systems Manager, Config
Using AWS Systems Manager to run compliance scans using InSpec by Chef
Mar 07 2018 | AWS Management Tools Blog | EC2, Systems Manager
Automate Patching Linux Workloads on AWS
Feb 12 2018 | AWS Security Blog | EC2, Systems Manager
How to secure infrequently used EC2 instances with AWS Systems Manager
Jan 31 2018 | AWS Management Tools Blog | EC2, Systems Manager
Automate Patch, Inspect, and Protect Microsoft Windows Workloads on AWS
Nov 22 2017 | AWS Security Blog | EC2, Systems Manager, Inspector
Auto Deploy Inspector Agents on EC2 Instances When Launched
Sep 1 2016 | AWS Labs | Systems Manager, Inspector

Identify & Access Management

Offensive Security

Exploiting AWS ECR and ECS with the Cloud Container Attack Tool (CCAT)
Aug 27 2019 | rhinosecuritylabs | ECS, ECR, EKS
Escalating AWS IAM Privileges Part 2
Jul 23 2019 | rhinosecuritylabs | IAM
How to Phish AWS IAM Users with Virtual MFA Enabled
Jun 23 2019 | rhinosecuritylabs | IAM
Exploiting Common Serverless Security Flaws in AWS
May 17 2019 | thetestlabs.io | Lambda
How to Compromise AWS IAM Credentials
Dec 01 2018 | rhinosecuritylabs | IAM
Enumerating AWS Roles through "AssumeRole".
Aug 29 2018 | rhinosecuritylabs | AWS, IAM
Pacu: The Open Source AWS Exploitation Framework
Aug 21 2018 | rhinosecuritylabs | AWS
Privilege Escalation in AWS
Aug 08 2018 | rhinosecuritylabs | AWS
Disrupting AWS Logging
Apr 29 2017 | blog.thinkst.com | AWS, CloudTrail
Backdooring an AWS account
Jul 09 2016 | danielgrzelak.com | AWS