AWS Security Essentials - VPC Endpoints and Securing S3

1 hour
  • 3 Learning Objectives

About this Hands-on Lab

AWS S3 and DynamoDB are fantastic managed services. They allow you to focus on what’s important while AWS focuses on the backend processes. Unfortunately, because these services are managed by AWS, they require traffic to leave your protected VPC to be accessed. Enter VPC Endpoints! VPC Endpoints allow you to create endpoints within your VPC that keep the traffic on a private link between your VPC resources and these AWS services. Accessing DynamoDB and S3 privately using your own VPC CIDR range is crucial to maintaining a secure environment that is resistant to hackers and data thieves. In this learning activity, you will configure a VPC Endpoint and utilize encryption to ensure your data is secure.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Secure the S3 Buckets

For this task, let’s look around to see what was provided for this hands-on lab and walk through how we can tighten the security for our S3 buckets.

SSH into AppServer1

For this task, we’ll SSH into our Bastion Host, then SSH into AppServer1 and run aws s3 ls to list the buckets in S3.

Create a VPC Endpoint

In this task, we’ll create a VPC endpoint to see how using a VPC endpoint can add security to your S3 buckets.

Additional Resources

Log in to the AWS console using the credentials provided.
Then, make sure you're in the Northern Virginia Region (us-east-1).

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
