Quest: re:Invent 2020 - Automate The Well-Architected Way With WeInvest

About this Guide

This quest is a collection of featured lab patterns with are covered in the re:Invent 2020 session: Automate The Well-Architected Way with WeInvest.

Using this collection of labs, the user will be able to walk through the featured patterns from the session which WeInvest have worked with AWS to implement within their business to build an improved and effective security posture.

Using either an AWS supplied, or your own AWS account, you will learn through hands-on labs in the AWS Well-Architected area of Incident Response. The skills you learn will help you secure your workloads in alignment with the AWS Well-Architected Framework.


  • An AWS account that you are able to use for testing, that is not used for production or other purposes.

NOTE: You will be billed for any applicable AWS resources used if you complete this lab that are not covered in the AWS Free Tier.

Lab 1 - Autonomous Montoring Of Cryptographic Activity With KMS.

In this lab we will walk you through an example scenario of monitoring our KMS service for encryption and decryption activity. We will autonomously detect abormal activity beyond a predefined threshold and respond accordingly, using the following services:

Start now!

Lab 2 - Autonomous Patching With EC2 Image Builder and Systems Manager.

In this lab we will walk you through a blue/green deployment methodology to build an entirely new Amazon Machine Image (AMI) that contains the latest operating system patch, which can be deployed into an application cluster. We will use the following services to complete the workload deployment:

Start now!

Further Learning

AWS Security Incident Response Guide

Find further information on the AWS website around AWS Cloud Security and in particular what your responsibilities are under the shared security model


  • Tim Robinson - Well-Architected Geo Solution Architect (Asia)