Skip to content

Mitigating Common Web Application Attack Vectors Using AWS WAF - Build Phase

Environment setup

To get started at an AWS event where the Event Engine is being used

The CloudFormation Stack for this event should already be deployed.

  1. Click here to open the Event Engine dashboard in a separate browser tab.
  2. Enter the team hash code that you were provided and click Proceed..
  3. Click AWS Console.
  4. Click Open Console.
  5. Make sure you are in the correct region.
  6. Go to the CloudFormation console.
  7. Click here to proceed to the Assess Phase of the Perimeter Layer.
  8. Optionally download the Workshop Companion Guide.

Click here if you're not at an AWS event or are using your own account

To setup the workshop environment, launch the CloudFormation stack below in the preferred AWS region using the "Deploy to AWS" links below. This will automatically take you to the console to run the template. In order to complete these workshops, you'll need a valid, usable AWS Account. Use a personal account or create a new AWS account to ensure you have the necessary access and that you do not accidentally modify corporate resources. Do not use an AWS account from the company you work for. We stronly recommend that you use a non-production AWS account for this workshop such as a training, sandbox or personal account. If multiple participants are sharing a single account you should use unique names for the stack set and resources created in the console.


US West 2 (Oregon)         Deploy in us-west-2


US East 2 (Ohio)         Deploy in us-east-2


US East 1 (N. Virginia)         Deploy in us-east-1


EU West 1 (Ireland)         Deploy in us-east-1


AP Southeast 2 (Sydney)         Deploy in ap-southeast-2


  1. Click Next on the Specify Template section.

  2. On the Specify stack details step, update the following parameters depending on how you are doing this workshop:

    info "Individual or an event not sponsored by AWS"

  3. If you are sharing an AWS account with someone else in the same region, change the name of the stack to pww-yourinitials

  4. Automated Scanner: Set to false.
  5. Scanner Username: Enter null
  6. Scanner Password: Enter null
  7. Trusted Network CIDR: Enter a trusted IP or CIDR range you will access the site from using a web browser. You can obtain your current IP at Ifconfig.co The entry should follow CIDR notation. i.e. 10.10.10.10/32 for a single host.
  8. Keep the defaults for the rest of the parameters.

  9. Click Next

  10. Click Next on the Configure stack options section.

  11. Finally, acknowledge that the template will create IAM roles under Capabilities and click Create.

This will bring you back to the CloudFormation console. You can refresh the page to see the stack starting to create. Before moving on, make sure the stack is in a CREATE_COMPLETE status. This should take ~8 minutes.


You can now proceed to the Assess Phase of the Perimeter Layer.