Workshop and sample code that builders can use for experiential learning of AWS services that provide data protection. Services such as AWS KMS, AWS ACM, AWS CloudHSM and others will be explored
Branch: master
Clone or download
EC2 Default User
EC2 Default User cf stack creation
Latest commit a7bf74b Feb 13, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github acm pca usecase Nov 1, 2018
cf-templates changed username Feb 12, 2019
docs Changes for mkdocs gen Feb 13, 2019
images Adding images Feb 3, 2019
CODE_OF_CONDUCT.md committing initial master Dec 24, 2018
CONTRIBUTING.md committing initial master Dec 24, 2018
LICENSE committing initial master Dec 24, 2018
README.md cf stack creation Feb 14, 2019
environment-setup.py adding sleep 1 sec Jan 1, 2019
mkdocs.yml Changes for mkdocs gen Feb 13, 2019

README.md

AWS Data Protection Workshops

If you are dealing with protecting data on your AWS architecture using methods such as encryption or certificate management, these workshops can help you learn in depth. We will be using the Cloud9 IDE and a combination of python code and AWS console access for these workshops.

Ubiquitous Encryption

Data encryption provides a strong layer of security to protect data that you store within AWS services. AWS services can help you achieve ubiquitous encryption for data in transit as well as data at rest.

Prerequisites

AWS Account

In order to complete these workshops you'll need a valid active AWS Account with Admin permissions. The code and instructions in these workshops assume only one student is using a given AWS account at a time. If you try sharing an account with another student, you'll run into naming conflicts for certain resources.

Use a personal account or create a new AWS account to ensure you have the neccessary access. This should not be an AWS account from the company you work for.

If the resources that you use for this workshop are left undeleted you will incur charges on your AWS account.

Browser

These workshops assume that you are using a Cloud IDE environment. We recommend you use the latest version of Chrome or Firefox to complete this workshop.

Knowledge Of Python Programming Language

Basic python knowledge is sufficient to consume these workshops.

Region Support

Since these workshops use the Cloud9 IDE, you can use run these workshops in the following regions where the AWS Cloud9 service is available : N.Virginia, Ohio, Oregon, Ireland and Singapore.

Cloudformation templates for initial environment setup

Please run these cloudformation stacks in your AWS account as this is required for all the workshops in this repository. When you launch the Cloudformation stack keep clicking next until you get to the point where it says

"I acknowledge that AWS CloudFormation might create IAM resources with custom names."

Acknowledge the above statement by clicking on the check box and then click on the Create button

Step 1 :

Deploy IAM user creation stack

The above stack creates an IAM user called builder with the password reInvent1#.

Before you proceed to Step 2

Please login into your account with the username builder . You need to change the password on login and going forward you have to be logged in as user builder for all the workshops.

Step 2 :

Deploy workshops environment creation stack

The above stack creates an Cloud9 IDE environment called workshop-environment . In addition a VPC with two subnets and an internet gateway is also created.

Step 3 : (Cloud9 IDE Environment Setup)

  • Navigate to the Cloud9 service within your AWS console
  • Open the Cloud9 IDE environment called workshop-environment .It takes about 30 seconds for the environment to start up.
  • In the Cloud9 IDE environment you will find a folder called data-protection in the folder pane on the left side of the screen
  • Open the file named environment-setup.py in the IDE
  • Run the python module environment-setup.py by clicking the play button on the top pane
  • This module would take about a minute to complete
  • In the runner window below you should see Workshop environment setup was successful printed
  • Open a bash terminal within the Cloud9 environment and change directory to **data-protection **. See Images below
  • At this point the cloud9 environment is ready for the workshops

Workshops

Please review and complete all the above prerequisites before attempting these workshops. The images below are clickable links


Final Cleanup

Once you you have finished working on the workshops within this repository ,the final step is to clean up the resources by deleting the cloudformation stacks that setup the workshop environment. For cleanup follow the steps below :

Step 1 :

Within the Cloud9 IDE workshop environment that you used for this workshop checkout the final clean up branch by using the following command :

git checkout final-cleanup

Step 2 :

  • In the Cloud9 IDE you will find a python module called final-cleanup.py
  • Run the final-cleanup.py python module
  • At this point cleanup of the cloudformation stacks is intitiated
  • It takes about 3 minutes for the cloudformation stacks named data-protection-iam-user-creation and data-protection-env-setup to be deleted
  • If you are logged in as user builder you will be logged out and the Cloud9 IDE workshop environment session will be terminated.

License Summary

This sample code is made available under a modified MIT license. See the LICENSE file.