Module 1: Governance at Scale

• Governance at scale focal points
• Business and Technical Challenges

Module 2: Governance Automation

• Multi-account strategies, guidance, and architecture
• Environments for agility and governance at scale
• Governance with AWS Control Tower
• Use cases for governance at scale

Module 3: Preventive Controls

• Enterprise environment challenges for developers
• AWS Service Catalog
• Resource creation
• Workflows for provisioning accounts
• Preventive cost and security governance
• Self-service with existing IT service management (ITSM) tools
• Lab 1: Deploy Resources for AWS Catalog
• Create a new AWS Service Catalog portfolio and product.
• Add an IAM role to a launch constraint to limit the actions the product can perform.
• Grant access for an IAM role to view the catalog items.
• Deploy an S3 bucket from an AWS Service Catalog product

Module 4: Detective Controls

• Operations aspect of governance at scale
• Resource monitoring
• Configuration rules for auditing
• Operational insights
• Remediation
• Clean up accounts
• Lab 2: Compliance and Security Automation with AWS Config
• Apply Managed Rules through AWS Config to selected resources
• Automate remediation based on AWS Config rules
• Investigate the Amazon Config dashboard and verify resources and rule compliance
• Lab 3: Taking Action with AWS Systems Manager
• Setup Resource Groups for various resources based on common requirements
• Perform automated actions against targeted Resource Groups

Module 5: Resources

• Explore additional resources for security governance at scale