Skip to content

Identifying and Remediating Host Vulnerabilities - Host Layer Round - Build Phase

Environment setup

For those who have completed the Web Application Firewall round

If you have completed the Web Application Firewall round, this round uses the same environment. If you have not deleted the AWS CloudFormation stack from the Web Application Firewall round, you can click here to proceed to the Assess Phase.


Click here if you're not at an AWS event or are using your own account

In order to complete these workshops, you'll need a valid, usable AWS Account. Use a personal account or create a new AWS account to ensure you have the necessary access and that you do not accidentally modify corporate resources. Do not use an AWS account from the company you work for. We stronly recommend that you use a non-production AWS account for this workshop such as a training, sandbox or personal account. If multiple participants are sharing a single account you should use unique names for the stack set and resources created in the console.


To setup the workshop environment, launch the CloudFormation stack below in the preferred AWS region using the "Deploy to AWS" links below. This will automatically take you to the console to run the template.

US West 2 (Oregon)         Deploy in us-est-2


US East 2 (Ohio)         Deploy in us-east-1


US East 1 (N. Virginia)         Deploy in us-east-1


EU West 1 (Ireland)         Deploy in us-east-1


AP Southeast 2 (Sydney)         Deploy in ap-southeast-2


  1. Click Next on the Specify Template section.

  2. On the Specify stack details step, update the following parameters depending on how you are doing this workshop:

  3. If you are sharing an AWS account with someone else in the same region, change the name of the stack to pww-yourinitials

  4. Automated Scanner: Set to false.
  5. Scanner Username: Leave default.
  6. Scanner Password: Leave default.
  7. Trusted Network CIDR: Enter a trusted IP or CIDR range you will access the site from using a web browser. You can optain your current IP at Ifconfig.co The entry should follow CIDR notation. i.e. 10.10.10.10/32 for a single host.
  8. Keep the defaults for the rest of the parameters.

  9. Click Next.

  10. Click Next on the Configure stack options section.

  11. Check the box to acknowledge that the template will create IAM roles under Capabilities and click Create.

This will bring you back to the CloudFormation console. You can refresh the page to see the stack starting to create. Before moving on, make sure the stack is in a CREATE_COMPLETE status. This should take approximately eight minutes.


Click here to proceed to the Assess Phase.