Governance and compliance
This guide is for AWS re:Inforce attendees who are establishing processes and selecting tools to manage and govern their AWS environment. Check out my session recommendations to design and automate controls over cost, compliance, and security.
Paolo LatellaIn all of the projects that I lead, one of my missions is always to improve the enterprise’s agility without compromising safety.At re:Inforce 2023, there are several management and governance breakout sessions, workshops, and more designed for solutions architects, security engineers, and executives to help you better understand how AWS can support your organization to automate control over costs, compliance, and security.I’m passionate about automation and my guide will give you session recommendations on how to integrate compliance and governance in a DevSecOps process. The focus is on the topic of compliance as code and automated enforcement of best practices, standards, and regulatory requirements.
If you want to increase your business agility without compromising security, you must let your builders innovate fast to prevent them from going off-road. That means your organization must implement a set of “guardrails” using both preventive and responsive controls. I’m suggesting this session because it puts focus on adoption strategies for SCPs and shows you how to integrate the building of these policies in a CI/CD pipeline.
Cloud infrastructure provides more agility and responsiveness than traditional IT environments. This requires organizations to think differently about how they guarantee compliance and manage cloud resources. Furthermore, builders need to be able to operate in a cloud environment that’s agile and safe at the same time. This session is the right starting point to understanding the challenge of balancing agility and safety in a cloud world, described by two big enterprise customers.
Since AWS Control Tower launched, its customization features and Terraform integration have allowed organizations to use it to automate account creation with preconfigured settings that meet business, security, and compliance requirements. I love this feature and I’m especially looking forward to this session.
If your organization is preparing to migrate their workload to the cloud or scaling up their infrastructure, you won’t want to miss this session—it’ll explain the right way to introduce governance services as AWS Control Tower, AWS Organizations, AWS Config, and AWS IAM Identity Center.
Companies must adopt a new approach to planning, developing, and testing policies. Just like when we use infrastructure as code in infrastructure automation and the CI/CD approach in application lifecycle management, at the same time our DevSecOps teams must adopt policy as code, especially in a cloud world. Join this session to learn how to best integrate cfn-guard in a CI/CD pipeline using Amazon CodeCatalyst.
When a cloud resource does not meet compliance requirements, it’s important to react quickly and automatically. This session completes the compliance-as-code approach introduced in GRC-351 and walks through the automated remediation steps provided by AWS Systems Manager automation documents.
Understand how to adopt AWS services to meet your upcoming regulatory requirements with this “live performance.” I really appreciate that this chalk talk offers attendees advice on planning the future of GRC in their organization.
Continuous compliance can help keep your organization safe as the threat landscape continually changes and expands. Learn how to evaluate cloud resources and act quickly in case of misconfiguration to become proactive. Learning by doing is the best option, so join this workshop to get hands-on with how to configure AWS Config and create a custom config rule that can help your organization proactively remediate compliance violations.