Best practices for preventing data exposure In this session, we will learn how to configure AWS Config, Amazon CloudWatch Events, AWS Lambda and AWS Systems Manager to prevent unauthorized exposure of enterprise data. This session also provides best practices for preventing misconfiguration of resources, including Amazon S3 and other services.
AWS Config provides a detailed view of the configuration of AWS resources in your AWS account. This includes how the resources are related to one another and how they were configured in the past so that you can see how the configurations and relationships change over time.
We now have AWS Config recording changes for supported resources.
This will deploy a S3 Buket, AWS Systems Manager Automation Document, AWS Lambda Function, SNS Topic and IAM Role needed for this lab.
Please fill in a bucket name, such as: first-last-aws-config-yyyymmdd
Additionally put in your email address in TopicEmail
Note: This will deploy in US-EAST-1 region, the lambda function also resides in a S3 Bucket in the US-EAST-1 Region. If you want to set this lab up in another region, please be sure to download the S3BlockPublic.zip from the www.awsmanagementweek.com S3 Bucket and place it in a bucket in your target region and put that buckt name in the LambdaLocation Parameter of the CloudFormation Template.