Using AWS Config and CloudTrail

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this hands-on lab, you just started as a Cloud Engineer at a company. Your new boss has asked you to do a scream test and stop an EC2 instance as well as remove network routes and rules to validate if the Lab VPC and Corporate Server EC2 instance can be decommissioned.

Very soon after the changes, the scream test fails and clients are reporting they cannot connect to their applications. Your boss reaches back out to you and asks you to revert all changes you made. In this lab, you will leverage AWS CloudTrail and AWS Config to ensure all changes are accounted for and reverted to restore the Lab environment. By the end of this exercise, you will be familiar enough with CloudTrail and Config to audit any unexpected or accidental changes to an account and determine what specifically was updated in case you need to roll back the changes.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Initiate the Scream Test

Initiate the Scream Test by doing the following:

  1. Stop the CorporateServerEC2 instance in the us-east-1 region.
  2. Remove all outbound rules on the CorporateApplicationServersecurity group.
  3. Break networking by removing the NAT gateway route in the route table for the subnet the CorporateServerinstance is launched in.
Review the Changes for the Scream Test in Config and CloudTrail

In the CloudTrail logs find the 3 changes made. For the security group and route table changes, view the configuration timeline in AWS Config for specific details about the rules and route that was deleted.

Revert the Scream Test Changes and Test Networking

Based on the details from CloudTrail and Config, revert all 3 changes made to the CorporateServerEC2 instance, CorporateApplicationServersecurity group, and the route table associated with the subnet the CorporateServerinstance is launched in.

Additional Resources

Make sure you are in the us-east-1 region throughout the lab.

In this lab, you will have the following resources already deployed for you:

  • Lab VPC
  • CorporateServer EC2 instance
  • CorporateApplicationServer security group

When you need to validate networking is restored, log onto the CorporateServer instance using SSM Session Manager and run the following:

sudo -i
yum install -y nmap

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?