Skip to main content



re:Post -

What's new -

re:Invent -

Whitepapers & Guides -

Ramp-Up Guides (guides to learning the AWS Cloud) -

Architecture examples and diagrams -

Back to Basics video series:

Open guide:

DevOps exercises: → Some solutions include Terraform and Pulumi -

Local Stack - -

AWS’s Egregious Egress -

Serverless Patterns Collection -

AWS observability in Grafana Cloud -


Everything in AWS is an API call.

Remove all resources from an AWS account

Top architecture blog posts

Training Learning - → Really basic

AWS Debug Games -

AWS guides and templates -

Things to do when you create an AWS account

With the root user.

  • Enable MFA for the root user link
  • Set the account alias (at the IAM dashboard)
  • Enable IAM access to billing (so that non-root users can have access to billing) link
  • Enable free tier alerts link
  • Enable CloudWatch billing alerts and create one or more budgets link
  • Create the first IAM admin user link
    • Once the admin is created, enable MFA for it
  • Enforce MFA to users link

Multiple accounts

Control Tower:

AWS Control Tower vs Terraform -

AWS Organizations: -

Do I need multiple AWS accounts? -

Transitioning to multiple AWS accounts (Prescriptive Guidance) -

You should have lots of AWS accounts - - -

Create six AWS accounts (logs, security, shared, dev, stage, and prod) -

  • Logs: AWS Config, CloudTrail
  • Security: IAM Roles, Users, Gropus, MFA
  • Shared: shared Docker images, shared AMIs, CI/CD (Jenkins/CircleCI...)
  • Dev/Stage/Prod: CloudFront, S3, Route53, VPC, ECS, EKS, RDS, Redis, Lambda, SQS, Kinesis, IaC Pipeline, CloudWatch, GuardDuty...


What do I do if I notice unauthorized activity in my AWS account? -

AWS Vault - - Stores IAM credentials in your operating system's secure keystore

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. -

AWS security tool to perform security best practices assessments, audits, etc - -

Analyze your Amazon Web Services (AWS) environments -

flAWS challenge (discover AWS-specific vulnerabilities) -