Hands-On Workshop: Mastering Cloud Security Policy as Code

  • Wednesday, 01 Nov 2023 11:30AM EDT (01 Nov 2023 15:30 UTC)
  • Speaker: Jon Zeolla

The cloud is enabling businesses to quickly adopt and use technology in ways that we've never imagined before. Security teams need to find ways to keep up; automation is the solution. By using Policy as Code tools, we can define and enforce security guardrails. This allows developers and cloud engineers to continue shipping features while giving everyone confidence that security requirements are being met.

Learning Objectives:

  1. Examine how unsafe systems can accidentally be deployed into production
  2. Automatically identify cloud environments that don't meet security requirements
  3. Prevent further misconfigurations via automated Policy as Code enforcement points using tools such as easy_infra and Checkov
  4. Remediate misconfigured systems
  5. Automate reassessing cloud systems, and generate evidence for compliance and audit teams

Prerequisites:

  • Comfortable with Linux command line tools
  • Comfortable with git-based version control systems
  • Comfortable reading configuration files

System Requirements:

  • A modern web browser, preferably Chrome
  • AWS account with root access or an IAM user with Administrator Access permissions

If you need an AWS account, you can create a free tier account with root access at https://aws.amazon.com/free/. The cost to complete the workshop will be minimal (pennies).

This content supports materials and concepts from SEC540: Cloud Security and DevSecOps Automation.