AWS User group meetup 2 was dedicated to Security. This AWS re:Inforce 2019 recap focuses on top presentations, great presenters and announcements made during the conference
User Group Belgrade AWS re:Inforce Boston 2019 Goran Opacic - Announcements - Security HUB, VPC mirroring, … - Best talks & topics - Nitro, ABAC, Serverless, … User Group Belgrade
User Group Belgrade Twitter Premier League: Corey Quinn Jeremy Daly Teri Radichel Ben Kehoe Richard Boyd re:Inforce 2019 Boston ~10,000 people Next year: Houston Europe 2019: Global Security Roadshow Stockholm October 10 London October 15 Munich November 20
User Group Belgrade Control Tower • Multi-account environment • Guardrails for governance • Best practice blueprints • Comprehensive insights • “Well-architected”
User Group Belgrade Control Tower • provide identity management using AWS SSO Directory • provide federated access using AWS Single Sign-On (AWS SSO) • create a central log archive using AWS CloudTrail and AWS Config • enable security audits across accounts using AWS SSO • implement network configurations using Amazon VPC • define workflows for provisioning accounts using AWS Service Catalog
User Group Belgrade Control Tower - FAQ • You can’t deploy AWS Control tower on account with an existing AWS Organizations master account • AWS Control Tower requires a standalone account that is not a member of AWS Organizations for setup. In the near future, you will be able to deploy Control Tower to an existing AWS Organizations account structure. • There is no API available for AWS Control Tower • There is no migration path from AWS Landing Zone to AWS Control Tower at the moment • Pricing – 0