Performing a Basic Audit of your AWS Environment

Performing a Basic Audit of your AWS Environment

55 minutes 8 Credits

SPL-73 - Version 1.3.3

© 2019 Amazon Web Services, Inc. and its affiliates. All rights reserved. This work may not be reproduced or redistributed, in whole or in part, without prior written permission from Amazon Web Services, Inc. Commercial copying, lending, or selling is prohibited.

Errors or corrections? Email us at

Other questions? Contact us at

Lab Overview

This lab leads you through the steps to perform basic audits of core AWS resources. You will use the AWS Management Console to understand how to audit the use of multiple AWS services, Amazon EC2, Amazon VPC, Amazon IAM, Amazon Security Groups, AWS CloudTrail and Amazon CloudWatch. This lab will help you understand how you can extend your existing auditing objectives related to organizational Governance, Asset Configuration, Logical Access Controls, Operating Systems, Databases and Applications security configurations within AWS. The skills learned will help provide visibility; testability and automated audit evidence gather capabilities.

Topics Covered

By the end of this lab, you will be able to:

  • Review user permissions in AWS IAM.
  • Capture audit evidence using AWS IAM Policy Simulator.
  • Review Inbound and Outbound networking rules for Amazon EC2 Security Groups.
  • Review Amazon VPC configurations, subnets, and Network ACLs.
  • Review Amazon CloudWatch performance metrics.
  • Review raw Amazon CloudTrail logs within Amazon S3.

Lab Pre-requisites

To successfully complete this lab, you should be familiar with basic AWS services.

Join Qwiklabs to read the rest of this lab...and more!

  • Get temporary access to the Amazon Web Services Console.
  • Over 200 labs from beginner to advanced levels.
  • Bite-sized so you can learn at your own pace.
Join to Start This Lab