This website lists workshops created by the teams at Amazon Web Services (AWS). Workshops are hands-on events designed to teach or introduce practical skills, techniques, or concepts which you can use to solve business problems.
You can filter by topic using the toolbar above.
New workshops and content added all the time
Created by specialists in the field from AWS and AWS Partners
Globally available without restriction and mobile friendly
Do you have workloads running on EKS that need to access other AWS services? This session is for you. Amazon EKS provides two ways to grant AWS Identity and Access Management permissions to workloads that run in Amazon EKS clusters: IAM roles for service accounts, and the newer EKS Pod Identities. In this workshop, you will learn about the differences and best practices of these two, while getting hands-on on how to configure them.
Dive deep on how Amazon Cognito issued tokens authorize access to APIs and AWS resources. A custom web application explores the structure of JSON Web Tokens (JWTs), including header, payload, and signature verification. Cognito JWTs are exchanged for IAM Temporary Security Credentials or passed to Amazon Verified Permissions in separate workflows authorizing retrieval of Amazon S3 objects. Cognito users are representative of a multi-tenant SaaS solution. Stack deployed via CDK.
Understanding how to build effective Identity and Access Management (IAM) policies is an important skill for everyone building on AWS as policies determine who can access what in your AWS account. In this workshop, you will learn how to write different types of IAM policies and implement access controls on principals and resources, using conditions to scope down access.
In this workshop, you will learn how and when to use various IAM policy types. You will work on hands-on labs that take you through a typical customer journey to configure permissions for a sample application. You will configure policies for your identities, resources, and CI/CD pipeline using permission delegation to balance security and agility.
In this workshop, you will dive deep into the logic of IAM policy evaluation. You will execute hands-on labs that walk through common IAM use cases and understand how different policies interact with each other. By using identity- and resource-based policies within single- and cross-account scenarios, you will gain an understanding of the evaluation logic that you can then apply in your own environment.
This workshop will teach you about the AWS services and features available for creating a perimeter around your data. You will configure resources so that access to data is restricted to authorized users from expected network locations, such as your Amazon VPC or corporate network. You will also restrict access to trusted identities, such as users from within your AWS Organization. The controls to allow access to data only from expected network locations and by trusted identities create a data perimeter.