This hands-on lab focuses on how to be proactive about deploying resources so as not to trigger AWS Security Hub findings. The lab uses a CloudFormation template to illustrate how resources can be deployed consistently and in a secure manner.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Enable AWS Security Hub
  - Enable AWS Config first
  - Then, enable AWS Security Hub
- Create a VPC
  - From the VPC console, click the Actions dropdown and select Create Default VPC. (This will also create subnets and a default security group.)
- Create a WordPress Application
  - Create a key pair
  - Go to the EC2 console and select Key Pairs
  - Create the key pair
  - Use the provided template to create a CloudFormation stack
  - Upload the template during the stack creation process
  - For the CloudFormation parameters, enter an IP address range for SSHLocation
- Create an SNS Topic
  - Create an SNS topic for Security Hub findings
  - Subscribe via email to the created topic
  - Go to your email and confirm the subscription. (You will receive a confirmation email.)
- Create an EventBridge Rule
  - Create an EventBridge rule
  - Link to an EventBridge event
  - Link to the previously created SNS topic
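
The SNS topic and EventBridge rule objectives can also be expressed in CloudFormation, in keeping with the lab's template-driven approach. The following is an added example, not the lab's provided template; the parameter name, logical IDs and the severity and workflow filters are assumptions chosen for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Added example - route Security Hub findings to email via EventBridge and SNS.

Parameters:
  NotificationEmail:            # hypothetical parameter name
    Type: String
    Description: Address that receives findings; confirm the subscription from the email.

Resources:
  FindingsTopic:                # hypothetical logical ID
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Protocol: email
          Endpoint: !Ref NotificationEmail

  # EventBridge can only deliver to the topic if the topic's resource policy
  # allows the events.amazonaws.com service principal to publish.
  FindingsTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref FindingsTopic
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: AllowEventBridgePublish
            Effect: Allow
            Principal:
              Service: events.amazonaws.com
            Action: sns:Publish
            Resource: !Ref FindingsTopic   # Ref on an SNS topic returns its ARN

  FindingsRule:
    Type: AWS::Events::Rule
    Properties:
      Description: Forward new Security Hub findings to the SNS topic.
      State: ENABLED
      EventPattern:
        source:
          - aws.securityhub
        detail-type:
          - Security Hub Findings - Imported
        detail:
          findings:
            Severity:
              Label: [HIGH, CRITICAL]   # assumption: only alert on high-impact findings
            Workflow:
              Status: [NEW]             # assumption: skip findings already triaged
      Targets:
        - Arn: !Ref FindingsTopic
          Id: SecurityHubFindingsToSns
```

Removing the `detail` block forwards every imported finding, which matches a rule created without filters but produces far more email.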