Using AWS Security Hub to Analyze an AWS Account

45 minutes
  • 4 Learning Objectives

About this Hands-on Lab

This hands-on lab provides an introduction to AWS Security Hub and how it can be used to analyze the security of an AWS account. You can view this hands-on lab as a Security Hub quick start guide.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Enable AWS Security Hub
  • Enable AWS Config
  • Then, enable AWS Security Hub
Create a VPC
  • From the VPC console, select Create VPC
    • Select VPC and More
Create a Security Group
  • Create an EC2 Security Hub
    • Set the ingress on port 22 to (This will create a critical finding in Security Hub.)
Create an S3 Bucket
  • Create an S3 bucket with open read access
    • Turn off the checkbox (the default), which restricts open read access (This will create a Security Hub finding.)

Additional Resources

After a company audit, you have been tasked with strengthening the security posture of the company AWS account. You have proposed AWS Security Hub as a tool to tighten up security. You will configure Security Hub, review initial findings, and then create resources that may have some security holes to show the power of Security Hub in identifying those holes.

Please log in to the lab environment with the cloud_user credentials provided. Ensure you are using the us-east-1 region throughout the lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?