Quest: Reviewing Security Essential Best Practice - Well-Architected Webinar

About this Guide

This quest is a collection of featured lab patterns with are covered in the June 2021 Webinar Reviewing Security Essential Best Practice.

Using this collection of labs, the user will be able to walk through the featured patterns from the session which cover best practice relating to multilayered API security, autonomous patching with EC2 Image Builder and Systems Manager and building incident response playbooks with Jupiter notebooks.

Using either an AWS supplied, or your own AWS account, you will learn through hands-on labs in the AWS Well-Architected area of Incident Response. The skills you learn will help you secure your workloads in alignment with the AWS Well-Architected Framework.


  • An AWS account that you are able to use for testing, that is not used for production or other purposes.

NOTE: You will be billed for any applicable AWS resources used if you complete this lab that are not covered in the AWS Free Tier.

Lab 1 - Multilayered API Security With Cognito and WAF.

In this lab we will walk you through an example scenario of building out a multilayered approach to protecting an API using the following services:

  • Amazon API Gateway - Used for securing REST API.
  • AWS Secrets Manager - Used to securely store secrets.
  • Amazon CloudFront - Used to prevent direct access to API as well as to enforce encrypted end-to-end connections to origin.
  • AWS WAF - Used to protect our API by filtering, monitoring, and blocking malicious traffic.
  • Amazon Cognito - Used to enable access control for our API layer.

Start now!

Lab 2 - Autonomous Patching With EC2 Image Builder and Systems Manager.

In this lab we will walk you through a blue/green deployment methodology to build an entirely new Amazon Machine Image (AMI) that contains the latest operating system patch, which can be deployed into an application cluster. We will use the following services to complete the workload deployment:

Start now!

Lab 3 - Incident Response Playbook with Jupyter - AWS IAM.

In this lab we will walk you through a hands-on lab which will guide you through running a basic incident response playbook using Jupyter. It is a best practice to be prepared for an incident, and practice your investigation and response tools and processes. We will achieve this :

Start now!

Further Learning

AWS Security Incident Response Guide

Find further information on the AWS website around AWS Cloud Security and in particular what your responsibilities are under the shared security model


  • Tim Robinson - Well-Architected Geo Solution Architect
  • Ben Potter - Principal Security Lead Well-Architected
  • Stephen Salim - Well-Architected Geo Solution Architect
  • Jang Whan Han - Well-Architected Geo Solution Architect