SlideShare a Scribd company logo

Devina Dhawan's talk - Women and non binary focused intro to AWS

AWS Chicago, profile picture
AWS Chicago

The document discusses transitioning to AWS infrastructure, emphasizing security practices at Etsy. Key recommendations include implementing strong password policies, enabling multi-factor authentication, and utilizing tools like evident.io and Scout2 for configuration monitoring. It also highlights the importance of communication and collaboration across teams to ensure secure account management and service provisioning.

Technology
1 of 39
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
Transitioning to AWS in a hurry without getting owned (Hopefully...) Devina Dhawan 02/06/2017 - Women & Non-Binary Focused intro to AWS Email: 3@etsy.com Twitter: @theulzo 1
Introduction 2 ● Etsy (Jan 2015 - Present) ● Orbitz (May 2014 - Dec 2015) ● University of Illinois in Chicago
Etsy operates a global marketplace where people around the world connect, both online and offline, to make, sell and buy unique goods. 3
Security at Etsy 4 ● Evangelizing Security at Etsy ○ Candy is a great way to make friends ○ Allow the conversation about security to be comfortable and inviting.
What is this talk about? • I will help you improve your existing AWS infrastructure • You will walk away with action items • http://bit.ly/2EnZU1q 5
“Securing Amazon Web Services” 6
7 - Traditional bare metal - Minimal footprint in the clouds Infrastructure
Where to begin?
9 ● Evident.io ○ Scans of configurations to see if anything is misconfigured ● Password policies? ● Multi-factor Authentication ● Jira Tickets Evident.io
10 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
Scout2 ● Github Page: https://github.com/nccgro up/Scout2 ● Reports for all accounts ● Tie that into alerts manually
12 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
Changes I made… like a goon • Password policy to the highest scrutiny • Removed all admin roles from accounts that didn’t need them (aka hadn’t used aws in 2 yrs and didn’t have any api keys tied to their user) 13
Password Policies
My first Etsy communication Hello X, Looks like you still do not have MFA set up on your AWS account. Go ahead and go to Identity & Access Management in your Amazon Web Services console -> find your username -> Manage MFA Device. Note: If you no longer need your AWS account, please let me know! Devina
Version 2.0 Hello X, Looks like you still do not have MFA set up on your AWS account. It looks like you used your AWS account recently as well, so please sign up for MFA by 03/31/16 or your account will be suspended. Go ahead and go to Identity & Access Management in your Amazon Web Services console -> find your username -> Manage MFA Device. Note: If you no longer need your AWS account, please let me know! Your neighborhood candy provider, Devina
Oops...
Multiple statements which allow you to: ● Resync MFA devices ● Deactivate MFA devices ● List MFA devices ● Primary, management Other policies: ● Forcing MFA
Oof…
Aws-cli for account creation Becoming really used to the aws client is really useful too!
Using Terraform for IAM ● What is terraform? ● What can it do? ○ Static creds ○ Environment variables ○ Shared creds ○ EC2 Roles
Static Creds
23 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
Logging in AWS - Cloudtrail
Devina Dhawan's talk - Women and non binary focused intro to AWS
Devina Dhawan's talk - Women and non binary focused intro to AWS
Devina Dhawan's talk - Women and non binary focused intro to AWS
ELK
Alert Types Email: ● Daily Roundup Emails ○ No production impacting ● High Risk Alerts ○ Enough resources to handle IRC/Slack/Jabber: ● Slack & Dropbox Collect the alerts: ● Splunk ● 411 / Elastalert
30 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Scout2 # Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
Inbound/Outbound
EC2 Roles
33 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Scout2 # Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
Bucket Policies
Devina Dhawan's talk - Women and non binary focused intro to AWS
Devina Dhawan's talk - Women and non binary focused intro to AWS
● Bug Bounties at Etsy: https://www.etsy.com/bounty ● S3 Scanner Github: https://github.com/bear/s3scan ○ Report of all s3 buckets and perms ○ Likely how bountiers are finding out about your misconfigured policies.
38 So… it happened, what do I do now? ❏ Write down all the systems you need to take care of ❏ Find out what you need to fix on all systems, write that down ❏ Start with the low-hanging fruit ❏ Over communicate what you are doing. ❏ Work with networking on the AWS network ❏ Create default rulesets & roles ❏ Work with IT/helpdesk to handle account provisioning ❏ Work with systems engineering to handle provisioning of services ❏ … profit?
THANKS! 3@etsy.com @theulzo

More Related Content

PDF
MJ Berends talk - Women & Non-Binary Focused Intro to AWS
AWS Chicago
 
PDF
Introduction 2 to aws and storage options
Szilveszter Molnár
 
PDF
Introduction to scaling your WordPress site past a single node using AWS
WP Engine
 
PDF
Intro To Serverless ClojureScript
Jim Lynch
 
PDF
WordCamp IL 2016 - WordPress Scale on AWS
Boaz Ziniman
 
PPTX
Containerize all the things!
Mike Melusky
 
PDF
AWS KSS
NeeleEilers
 
PPTX
Signal r azurepresentation
Justin Wendlandt
 
MJ Berends talk - Women & Non-Binary Focused Intro to AWS
AWS Chicago
 
Introduction 2 to aws and storage options
Szilveszter Molnár
 
Introduction to scaling your WordPress site past a single node using AWS
WP Engine
 
Intro To Serverless ClojureScript
Jim Lynch
 
WordCamp IL 2016 - WordPress Scale on AWS
Boaz Ziniman
 
Containerize all the things!
Mike Melusky
 
AWS KSS
NeeleEilers
 
Signal r azurepresentation
Justin Wendlandt
 

What's hot (17)

PDF
Serverless Systems: The Future is Here
gedoplan
 
PDF
Serverless Computing with AWS
TransferWiseSG
 
PDF
Dockercon plugins session
Weaveworks
 
PDF
NDev Talk - Serverless Design Patterns
Ryan Green
 
PPTX
DNN & The CloudOS: Windows Azure on your terms
Jess Coburn
 
PDF
A 5 Minute Intro To Weave - Software Circus July 2015
Weaveworks
 
PDF
TDD a REST API With Node.js and MongoDB
Valeri Karpov
 
PPTX
Cloud Amazon Service
Remo Sam
 
PPTX
Dev-Friendly Ops
Josh Schramm
 
PPTX
AWS Cloudfront Fundamentals
Piyush Agrawal
 
PPTX
WordPress Development Environments
Josh Cummings
 
PDF
Inrastructure as Code
Charles Anderson
 
PDF
WordPress Deployment
Swain Strickland
 
PDF
Using Aws As A Game Server (AWS UG Bandung)
Aswin Juari
 
PPTX
Moving Viadeo to AWS (2015)
Julien SIMON
 
PDF
AWS systems manager | Francisco edilton
AWSCOMSUM
 
PDF
Cassandra Development Nirvana
DataStax
 
Serverless Systems: The Future is Here
gedoplan
 
Serverless Computing with AWS
TransferWiseSG
 
Dockercon plugins session
Weaveworks
 
NDev Talk - Serverless Design Patterns
Ryan Green
 
DNN & The CloudOS: Windows Azure on your terms
Jess Coburn
 
A 5 Minute Intro To Weave - Software Circus July 2015
Weaveworks
 
TDD a REST API With Node.js and MongoDB
Valeri Karpov
 
Cloud Amazon Service
Remo Sam
 
Dev-Friendly Ops
Josh Schramm
 
AWS Cloudfront Fundamentals
Piyush Agrawal
 
WordPress Development Environments
Josh Cummings
 
Inrastructure as Code
Charles Anderson
 
WordPress Deployment
Swain Strickland
 
Using Aws As A Game Server (AWS UG Bandung)
Aswin Juari
 
Moving Viadeo to AWS (2015)
Julien SIMON
 
AWS systems manager | Francisco edilton
AWSCOMSUM
 
Cassandra Development Nirvana
DataStax
 
Ad

Similar to Devina Dhawan's talk - Women and non binary focused intro to AWS (20)

PDF
Moving at the Speed-of-Cloud Without Getting Owned
DevOps.com
 
PDF
Moving at the Speed-of-Cloud Without Getting Owned
Deborah Schalm
 
PPTX
It's 10pm, Do You Know Where Your Access Keys Are?
Ken Johnson
 
PDF
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
HashiCorp
 
PPTX
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
Garth Boyd
 
PPTX
Moving the needle on cloud security - AWS Summit Atlanta
Chris Farris
 
PDF
Netflix Open Source Meetup Season 4 Episode 3
aspyker
 
PPTX
Cloud security best practices in AWS by: Ankit Giri
OWASP Delhi
 
PPTX
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
Ken Johnson
 
PPT
AWS & Infrastructure Hardening - Cloud Infrastructure Security
Nutanix Beam
 
PPT
Aws training in bangalore
apponix123
 
ODP
User Credential handling in Web Applications done right
tladesignz
 
PPTX
Automating AWS security and compliance
John Varghese
 
PPTX
Wrangling Security & Identity across 99+ AWS Accounts
Andrew Bienert
 
PPTX
004 - Logging in the Cloud -- hide01.ir.pptx
nitinscribd
 
PDF
Shared Security Responsibilities in AWS - LA AWS User Meetup - 2014-07-17
John Martinez
 
PPTX
Top 23 Things Not to Do in AWS
Ervan Setiawan
 
PDF
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
 
PDF
Denver AWS Users' Group Meeting - July 2018 Slides
David McDaniel
 
PPTX
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Rob Fuller
 
Moving at the Speed-of-Cloud Without Getting Owned
DevOps.com
 
Moving at the Speed-of-Cloud Without Getting Owned
Deborah Schalm
 
It's 10pm, Do You Know Where Your Access Keys Are?
Ken Johnson
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
HashiCorp
 
In the Cloud, nobody can hear you scream: AWS Cloud Security for DevOps
Garth Boyd
 
Moving the needle on cloud security - AWS Summit Atlanta
Chris Farris
 
Netflix Open Source Meetup Season 4 Episode 3
aspyker
 
Cloud security best practices in AWS by: Ankit Giri
OWASP Delhi
 
LASCON 2016 - It's 10PM Do You Know Where Your Access Keys Are?
Ken Johnson
 
AWS & Infrastructure Hardening - Cloud Infrastructure Security
Nutanix Beam
 
Aws training in bangalore
apponix123
 
User Credential handling in Web Applications done right
tladesignz
 
Automating AWS security and compliance
John Varghese
 
Wrangling Security & Identity across 99+ AWS Accounts
Andrew Bienert
 
004 - Logging in the Cloud -- hide01.ir.pptx
nitinscribd
 
Shared Security Responsibilities in AWS - LA AWS User Meetup - 2014-07-17
John Martinez
 
Top 23 Things Not to Do in AWS
Ervan Setiawan
 
Are Multi-Cloud and Serverless Good or Bad?
Mattias Andersson
 
Denver AWS Users' Group Meeting - July 2018 Slides
David McDaniel
 
Dirty Little Secrets They Didn't Teach You In Pentest Class v2
Rob Fuller
 
Ad

More from AWS Chicago (20)

PPTX
Kathie Kinde Clark - Elevate Your Professional Footprint: LinkedIn Masterclass
AWS Chicago
 
PDF
Jason Anderson From Dirt Roads to Highways: Simplifying DevOps and Cloud Inf...
AWS Chicago
 
PDF
Aman Sardana and Vijay Kumar Soni - Navigating Hybrid Cloud Challenges for ...
AWS Chicago
 
PDF
Ben Blair Operating Safely in a Vibe Coding World
AWS Chicago
 
PPTX
Joseph Morotti Enhancing customer experience through Amazon Connect and Gene...
AWS Chicago
 
PPTX
Craig Johnson When VPCs Attack: Real-Life Cloud Networking Fails (and Fixes)
AWS Chicago
 
PDF
Peter Sankauskas Access Denied: Understanding & Debugging AWS IAM
AWS Chicago
 
PDF
Shuen Mei Parth Sharma Boost Productivity, Innovation and Efficiency wit...
AWS Chicago
 
PDF
Bob Fornal The Impact of Testing on a DevOps Pipeline
AWS Chicago
 
PDF
Jason Butz Chaos Engineering with FIS and Lambda Functions
AWS Chicago
 
PPTX
Automated VPC migration into centralized inspection architecture with AWS Gat...
AWS Chicago
 
PDF
Julia Furst Morgado The Lazy Guide to Kubernetes with EKS Auto Mode + Karpenter
AWS Chicago
 
PDF
Bob Fornal - Active Career Management AWS Community Day Midwest 2025
AWS Chicago
 
PDF
Edwin Moedano Monitoring and Observability of Lambdas with Cloudwatch and Po...
AWS Chicago
 
PPTX
Darren Mills The Migration Modernization Balancing Act: Navigating Risks and...
AWS Chicago
 
PPTX
Nathan Hiscock Architecting secure, scalable, cost-efficient computer vision...
AWS Chicago
 
PDF
AWS Community Day Midwest 2025 Julia Furst Morgado The Lazy Guide to Kuberne...
AWS Chicago
 
PDF
Steven Seaney - Simplifying and Streamlining AWS Control Tower Deployments
AWS Chicago
 
PDF
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
PPTX
Paul Chin Jr. Data Gone in 60 Seconds: A Serverless ETL Heist
AWS Chicago
 
Kathie Kinde Clark - Elevate Your Professional Footprint: LinkedIn Masterclass
AWS Chicago
 
Jason Anderson From Dirt Roads to Highways: Simplifying DevOps and Cloud Inf...
AWS Chicago
 
Aman Sardana and Vijay Kumar Soni - Navigating Hybrid Cloud Challenges for ...
AWS Chicago
 
Ben Blair Operating Safely in a Vibe Coding World
AWS Chicago
 
Joseph Morotti Enhancing customer experience through Amazon Connect and Gene...
AWS Chicago
 
Craig Johnson When VPCs Attack: Real-Life Cloud Networking Fails (and Fixes)
AWS Chicago
 
Peter Sankauskas Access Denied: Understanding & Debugging AWS IAM
AWS Chicago
 
Shuen Mei Parth Sharma Boost Productivity, Innovation and Efficiency wit...
AWS Chicago
 
Bob Fornal The Impact of Testing on a DevOps Pipeline
AWS Chicago
 
Jason Butz Chaos Engineering with FIS and Lambda Functions
AWS Chicago
 
Automated VPC migration into centralized inspection architecture with AWS Gat...
AWS Chicago
 
Julia Furst Morgado The Lazy Guide to Kubernetes with EKS Auto Mode + Karpenter
AWS Chicago
 
Bob Fornal - Active Career Management AWS Community Day Midwest 2025
AWS Chicago
 
Edwin Moedano Monitoring and Observability of Lambdas with Cloudwatch and Po...
AWS Chicago
 
Darren Mills The Migration Modernization Balancing Act: Navigating Risks and...
AWS Chicago
 
Nathan Hiscock Architecting secure, scalable, cost-efficient computer vision...
AWS Chicago
 
AWS Community Day Midwest 2025 Julia Furst Morgado The Lazy Guide to Kuberne...
AWS Chicago
 
Steven Seaney - Simplifying and Streamlining AWS Control Tower Deployments
AWS Chicago
 
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
Paul Chin Jr. Data Gone in 60 Seconds: A Serverless ETL Heist
AWS Chicago
 

Recently uploaded (20)

PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
PPTX
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
PDF
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
PPTX
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPTX
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
1. Introduction to Computer Programming.pptx
bonakiduza1024
 
Machine Learning_overview_presentation.pptx
kondavamsidharreddy2
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
NewMind AI Weekly Chronicles - August'25-Week II
NewMind AI
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Heart disease approach using modified random forest and particle swarm optimi...
IAESIJAI
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
SOPHOS-XG Firewall Administrator PPT.pptx
AgnesMunisi
 
Mushroom cultivation and it's methods.pdf
mailmeonrishi
 
cloud_computing_Infrastucture_as_cloud_p
mainakbhattacharya20
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
TLE Review Electricity (Electricity).pptx
JayPolicarpio2
 
Teaching material agriculture food technology
LiaRayya
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
gpt5_lecture_notes_comprehensive_20250812015547.pdf
Chinchu40
 

Devina Dhawan's talk - Women and non binary focused intro to AWS

  • 1. Transitioning to AWS in a hurry without getting owned (Hopefully...) Devina Dhawan 02/06/2017 - Women & Non-Binary Focused intro to AWS Email: [email protected] Twitter: @theulzo 1
  • 2. Introduction 2 ● Etsy (Jan 2015 - Present) ● Orbitz (May 2014 - Dec 2015) ● University of Illinois in Chicago
  • 3. Etsy operates a global marketplace where people around the world connect, both online and offline, to make, sell and buy unique goods. 3
  • 4. Security at Etsy 4 ● Evangelizing Security at Etsy ○ Candy is a great way to make friends ○ Allow the conversation about security to be comfortable and inviting.
  • 5. What is this talk about? • I will help you improve your existing AWS infrastructure • You will walk away with action items • http://bit.ly/2EnZU1q 5
  • 7. 7 - Traditional bare metal - Minimal footprint in the clouds Infrastructure
  • 9. 9 ● Evident.io ○ Scans of configurations to see if anything is misconfigured ● Password policies? ● Multi-factor Authentication ● Jira Tickets Evident.io
  • 10. 10 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
  • 11. Scout2 ● Github Page: https://github.com/nccgro up/Scout2 ● Reports for all accounts ● Tie that into alerts manually
  • 12. 12 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
  • 13. Changes I made… like a goon • Password policy to the highest scrutiny • Removed all admin roles from accounts that didn’t need them (aka hadn’t used aws in 2 yrs and didn’t have any api keys tied to their user) 13
  • 15. My first Etsy communication Hello X, Looks like you still do not have MFA set up on your AWS account. Go ahead and go to Identity & Access Management in your Amazon Web Services console -> find your username -> Manage MFA Device. Note: If you no longer need your AWS account, please let me know! Devina
  • 16. Version 2.0 Hello X, Looks like you still do not have MFA set up on your AWS account. It looks like you used your AWS account recently as well, so please sign up for MFA by 03/31/16 or your account will be suspended. Go ahead and go to Identity & Access Management in your Amazon Web Services console -> find your username -> Manage MFA Device. Note: If you no longer need your AWS account, please let me know! Your neighborhood candy provider, Devina
  • 18. Multiple statements which allow you to: ● Resync MFA devices ● Deactivate MFA devices ● List MFA devices ● Primary, management Other policies: ● Forcing MFA
  • 20. Aws-cli for account creation Becoming really used to the aws client is really useful too!
  • 21. Using Terraform for IAM ● What is terraform? ● What can it do? ○ Static creds ○ Environment variables ○ Shared creds ○ EC2 Roles
  • 23. 23 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Cloudtrail Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
  • 24. Logging in AWS - Cloudtrail
  • 28. ELK
  • 29. Alert Types Email: ● Daily Roundup Emails ○ No production impacting ● High Risk Alerts ○ Enough resources to handle IRC/Slack/Jabber: ● Slack & Dropbox Collect the alerts: ● Splunk ● 411 / Elastalert
  • 30. 30 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Scout2 # Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
  • 33. 33 Low-hanging IAM Fruit # Password Policy # Multi-factor auth Monitoring # Scout2 # Logging EC2 # Netwerkin’ # EC2 Roles S3 # S3 Bucket Policies
  • 37. ● Bug Bounties at Etsy: https://www.etsy.com/bounty ● S3 Scanner Github: https://github.com/bear/s3scan ○ Report of all s3 buckets and perms ○ Likely how bountiers are finding out about your misconfigured policies.
  • 38. 38 So… it happened, what do I do now? ❏ Write down all the systems you need to take care of ❏ Find out what you need to fix on all systems, write that down ❏ Start with the low-hanging fruit ❏ Over communicate what you are doing. ❏ Work with networking on the AWS network ❏ Create default rulesets & roles ❏ Work with IT/helpdesk to handle account provisioning ❏ Work with systems engineering to handle provisioning of services ❏ … profit?