AWS Security Portfolio

Welcome to my portfolio of hands-on AWS Security labs and automation projects. Each repository below demonstrates real-world AWS security concepts, from identity management and network segmentation to incident response and serverless application protection.


Portfolio Overview

| Repository | Description |
|---|---|
| serverless-security | Secure serverless application with API Gateway, Lambda, DynamoDB, Cognito user authentication and AWS WAF protection. |
| cicd-security | Demo for AWS CI/CD security lab with static analysis and access control. |
| iam-least-privilege | Custom IAM users, groups, roles and least privilege policies. Includes EC2 instance with IAM role and testing. |
| vpc | Deploys secure VPC with Terraform: private and public subnets, NAT gateway, bastion host and network segmentation. |
| ec2-hardening | Deploys and hardens EC2 with least-privilege IAM, secure SGs, SSM and CIS best practices. |
| logging-monitoring | Centralized logging and threat detection with CloudTrail, GuardDuty, Config, CloudWatch and Athena. |
| s3-security | Secures S3 buckets with policies, encryption, and misconfiguration detection with AWS Trusted Advisor. |
| incident-response | Automates detection and quarantine of compromised EC2s with GuardDuty, CloudTrail and Lambda. |

  • Click each repo name to view source code, documentation, diagrams and hands-on lab.

Topics Covered

  • IAM & Least Privilege – Fine-grained access control with users, roles and policies.
  • VPC & Networking – Secure segmentation, NAT, bastion hosts and Terraform-based architecture.
  • EC2 Hardening – OS-level security, SSH best practices, SSM automation and CIS compliance.
  • Logging & Monitoring – End-to-end visibility with CloudTrail, GuardDuty, Config, Athena and CloudWatch.
  • S3 Security – Bucket policies, encryption and misconfiguration detection.
  • Incident Response – Automated detection and remediation using Lambda and GuardDuty.
  • CI/CD Pipeline Security – Secure DevOps pipelines, static analysis and access control.
  • Serverless Security – API Gateway, Lambda, WAF, Cognito and secure serverless design.

About Me

Built and maintained by Sebastian Silva C. Passionate about automation, defense-in-depth and real-world hands-on learning. CompTIA Security+, Network+, A+ and Azure AZ-900 certified.
Contact me on LinkedIn or sebastian@playbookvisualarts.com


Sebastian Silva C. - July, 2025 - Berlin, Germany

Popular repositories

  1. iam-least-privilege (Public)

    Custom IAM users, groups, roles, and least privilege access policies. Includes EC2 instance with attached IAM role and documented testing.

  2. vpc (Public)

    Automated deployment of a secure, segmented network architecture using Terraform. Displays public/private subnets, NAT gateway, bastion host access and best practices for cloud network isolation.

    HCL

  3. ec2-hardening (Public)

    Securely deploys and hardens an AWS EC2 instance using least-privilege IAM, restrictive security groups, SSM, OS updates, SSH hardening, and logging—following CIS benchmarks and AWS best practices.

    Shell

  4. logging-monitoring (Public)

    Configuring AWS CloudTrail, GuardDuty, AWS Config, CloudWatch and Athena for centralized logging, threat detection, compliance monitoring and log analysis.

  5. s3-security (Public)

    Securing S3 buckets: Test public access, apply policies and encryption, and detect misconfigurations with AWS Trusted Advisor. Includes screenshots, policy examples, and clear documentation.

  6. cicd-security (Public)

    Demo for AWS CI/CD security lab with static analysis and access control.

    Python
