Secure Architecture Builder

Interactive architecture-design lab. Six scenarios cover three-tier VPC layout (public/private/isolated), WAF placement at both CloudFront and ALB with origin verification, AWS SSM Session Manager + IAM database auth replacing SSH bastions, AWS Secrets Manager + Secrets Store CSI Driver as the right baseline, CloudFront-to-origin authentication via custom headers and OAC, and active-active multi-region split-brain risk on payment workloads.

← Back to all games