├── .gitignore ├── .taskcat.yml ├── LICENSE ├── README.md ├── aws-sm-lambda-code.zip ├── delete-taskcat.sh ├── launch-taskcat.sh ├── lesson0-setup ├── README.md ├── ccoa-delete-config.py ├── ceoa-zero-examples.zip ├── package.json ├── test-codecommit.yml ├── test-cw-alarm.yml ├── test-cw-rule-param-store.yml ├── test-cw-rule.yml ├── test-export-value.yml ├── test-import-value.yml ├── test-lambda-rds-vpc.yml ├── test-nat-gateway.yml ├── test-pipeline-deploy.yml ├── test-pipeline.yml ├── test-secrets.yml ├── test-session-mgr.yml ├── test-ssm-param.yml └── test-vpc.yml ├── lesson1-automate ├── README.md ├── ceoa-1-cfn.yml └── ceoa-1-pipeline-cfn.yml ├── lesson2-manage ├── README.md ├── ceoa-2-iam-user.yml └── ceoa-2-kms.yml ├── lesson3-develop ├── README.md ├── ceoa-3-buildspec-lambda.yml ├── ceoa-3-connect-mysql.py ├── ceoa-3-lambda-layers.yml ├── ceoa-3-rotation-1-pipeline.yml ├── ceoa-3-rotation-2-vpc.yml ├── ceoa-3-rotation-3-lambda-sam.yml ├── ceoa-3-rotation-4-rds.yml ├── ceoa-3-sdk.py ├── ceoa-3-sm-no-vpc.yml ├── ceoa-3-sm-vpc-nat-gateway.yml ├── lambda-auto-rotate.zip ├── lambda_function.py └── pymysql.zip ├── lesson4-transit ├── ceoa-4-acm.yml ├── ceoa-4-cloudfront.yml ├── ceoa-4-pipeline.yml ├── graphic.jpg ├── index.html └── main.css ├── lesson5-rest ├── README.md ├── ceoa-5-ddb.yml ├── ceoa-5-ebs.yml ├── ceoa-5-kms.yml └── ceoa-5-s3.yml ├── lesson6-detect ├── README.md ├── buildspec.yml └── ceoa-6-mcr-pipeline.yml ├── lesson7-log ├── README.md └── ceoa-7-cloudtrail.yml ├── lesson8-continuous ├── README.md ├── buildspec-lambda.yml ├── buildspec.yml ├── ceoa-8-pipeline.yml ├── delete-stack.sh ├── index.js ├── launch-stack.sh ├── package.json ├── sam-s3-remediation.yml ├── test.sh └── volume.yml ├── pipeline-taskcat.yml └── update-taskcat.sh /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/.gitignore -------------------------------------------------------------------------------- /.taskcat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/.taskcat.yml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/README.md -------------------------------------------------------------------------------- /aws-sm-lambda-code.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/aws-sm-lambda-code.zip -------------------------------------------------------------------------------- /delete-taskcat.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/delete-taskcat.sh -------------------------------------------------------------------------------- /launch-taskcat.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/launch-taskcat.sh -------------------------------------------------------------------------------- /lesson0-setup/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 0 - Continuous Encryption -------------------------------------------------------------------------------- /lesson0-setup/ccoa-delete-config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/ccoa-delete-config.py -------------------------------------------------------------------------------- /lesson0-setup/ceoa-zero-examples.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/ceoa-zero-examples.zip -------------------------------------------------------------------------------- /lesson0-setup/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/package.json -------------------------------------------------------------------------------- /lesson0-setup/test-codecommit.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-codecommit.yml -------------------------------------------------------------------------------- /lesson0-setup/test-cw-alarm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-cw-alarm.yml -------------------------------------------------------------------------------- /lesson0-setup/test-cw-rule-param-store.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-cw-rule-param-store.yml -------------------------------------------------------------------------------- /lesson0-setup/test-cw-rule.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-cw-rule.yml -------------------------------------------------------------------------------- /lesson0-setup/test-export-value.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-export-value.yml -------------------------------------------------------------------------------- /lesson0-setup/test-import-value.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-import-value.yml -------------------------------------------------------------------------------- /lesson0-setup/test-lambda-rds-vpc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-lambda-rds-vpc.yml -------------------------------------------------------------------------------- /lesson0-setup/test-nat-gateway.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-nat-gateway.yml -------------------------------------------------------------------------------- /lesson0-setup/test-pipeline-deploy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-pipeline-deploy.yml -------------------------------------------------------------------------------- /lesson0-setup/test-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-pipeline.yml -------------------------------------------------------------------------------- /lesson0-setup/test-secrets.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-secrets.yml -------------------------------------------------------------------------------- /lesson0-setup/test-session-mgr.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-session-mgr.yml -------------------------------------------------------------------------------- /lesson0-setup/test-ssm-param.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-ssm-param.yml -------------------------------------------------------------------------------- /lesson0-setup/test-vpc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson0-setup/test-vpc.yml -------------------------------------------------------------------------------- /lesson1-automate/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 1 - Automate -------------------------------------------------------------------------------- /lesson1-automate/ceoa-1-cfn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson1-automate/ceoa-1-cfn.yml -------------------------------------------------------------------------------- /lesson1-automate/ceoa-1-pipeline-cfn.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson1-automate/ceoa-1-pipeline-cfn.yml -------------------------------------------------------------------------------- /lesson2-manage/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 2 - Key Management -------------------------------------------------------------------------------- /lesson2-manage/ceoa-2-iam-user.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson2-manage/ceoa-2-iam-user.yml -------------------------------------------------------------------------------- /lesson2-manage/ceoa-2-kms.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson2-manage/ceoa-2-kms.yml -------------------------------------------------------------------------------- /lesson3-develop/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/README.md -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-buildspec-lambda.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-buildspec-lambda.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-connect-mysql.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-connect-mysql.py -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-lambda-layers.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-lambda-layers.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-rotation-1-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-rotation-1-pipeline.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-rotation-2-vpc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-rotation-2-vpc.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-rotation-3-lambda-sam.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-rotation-3-lambda-sam.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-rotation-4-rds.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-rotation-4-rds.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-sdk.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-sdk.py -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-sm-no-vpc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-sm-no-vpc.yml -------------------------------------------------------------------------------- /lesson3-develop/ceoa-3-sm-vpc-nat-gateway.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/ceoa-3-sm-vpc-nat-gateway.yml -------------------------------------------------------------------------------- /lesson3-develop/lambda-auto-rotate.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/lambda-auto-rotate.zip -------------------------------------------------------------------------------- /lesson3-develop/lambda_function.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/lambda_function.py -------------------------------------------------------------------------------- /lesson3-develop/pymysql.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson3-develop/pymysql.zip -------------------------------------------------------------------------------- /lesson4-transit/ceoa-4-acm.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/ceoa-4-acm.yml -------------------------------------------------------------------------------- /lesson4-transit/ceoa-4-cloudfront.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/ceoa-4-cloudfront.yml -------------------------------------------------------------------------------- /lesson4-transit/ceoa-4-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/ceoa-4-pipeline.yml -------------------------------------------------------------------------------- /lesson4-transit/graphic.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/graphic.jpg -------------------------------------------------------------------------------- /lesson4-transit/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/index.html -------------------------------------------------------------------------------- /lesson4-transit/main.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson4-transit/main.css -------------------------------------------------------------------------------- /lesson5-rest/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 5 - Encryption at Rest -------------------------------------------------------------------------------- /lesson5-rest/ceoa-5-ddb.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson5-rest/ceoa-5-ddb.yml -------------------------------------------------------------------------------- /lesson5-rest/ceoa-5-ebs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson5-rest/ceoa-5-ebs.yml -------------------------------------------------------------------------------- /lesson5-rest/ceoa-5-kms.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson5-rest/ceoa-5-kms.yml -------------------------------------------------------------------------------- /lesson5-rest/ceoa-5-s3.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson5-rest/ceoa-5-s3.yml -------------------------------------------------------------------------------- /lesson6-detect/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 6 - Detect -------------------------------------------------------------------------------- /lesson6-detect/buildspec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson6-detect/buildspec.yml -------------------------------------------------------------------------------- /lesson6-detect/ceoa-6-mcr-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson6-detect/ceoa-6-mcr-pipeline.yml -------------------------------------------------------------------------------- /lesson7-log/README.md: -------------------------------------------------------------------------------- 1 | # Lesson 7 - Logging Key Usage -------------------------------------------------------------------------------- /lesson7-log/ceoa-7-cloudtrail.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson7-log/ceoa-7-cloudtrail.yml -------------------------------------------------------------------------------- /lesson8-continuous/README.md: -------------------------------------------------------------------------------- 1 | # aws-encryption-workshop -------------------------------------------------------------------------------- /lesson8-continuous/buildspec-lambda.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/buildspec-lambda.yml -------------------------------------------------------------------------------- /lesson8-continuous/buildspec.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/buildspec.yml -------------------------------------------------------------------------------- /lesson8-continuous/ceoa-8-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/ceoa-8-pipeline.yml -------------------------------------------------------------------------------- /lesson8-continuous/delete-stack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/delete-stack.sh -------------------------------------------------------------------------------- /lesson8-continuous/index.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/index.js -------------------------------------------------------------------------------- /lesson8-continuous/launch-stack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/launch-stack.sh -------------------------------------------------------------------------------- /lesson8-continuous/package.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/package.json -------------------------------------------------------------------------------- /lesson8-continuous/sam-s3-remediation.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/sam-s3-remediation.yml -------------------------------------------------------------------------------- /lesson8-continuous/test.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/test.sh -------------------------------------------------------------------------------- /lesson8-continuous/volume.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/lesson8-continuous/volume.yml -------------------------------------------------------------------------------- /pipeline-taskcat.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/pipeline-taskcat.yml -------------------------------------------------------------------------------- /update-taskcat.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PaulDuvall/aws-encryption-workshop/HEAD/update-taskcat.sh --------------------------------------------------------------------------------