Inspiration
Using AWS as a cloud service is very beneficial, but while it's easy to use, security becomes extremely important. The idea for this service was born from thinking about how to create a solution for learning AWS security.
What it does
The service will be offered as open-source, and users will deploy it to their own AWS accounts. After deployment, they will access the learning service's web application to begin their training. By making security-enhancing fixes to the vulnerable environment deployed in their AWS account from the console, they can earn points on the learning service. Through the process of earning points, they will learn how to operate the AWS console and configure security settings.
How we built it
Initially, I used Kiro's Spec mode to provide instructions as specifically as possible. Since this system will be released as open-source, documentation such as deployment procedures is extremely important. Therefore, I had Kiro generate the documentation, and I made sure to review it myself.
For the application, after confirming its operation, I used Vibe mode to fix any parts where errors occurred.
Additionally, I used Agent Hook to perform a syntax check by running the file with the -n option whenever I made changes to a shell script.
Challenges we ran into
It took a long time to fix the error during debugging because the error's details weren't communicated well.
Accomplishments that we're proud of
We are proud to contribute to the community by providing an AWS learning environment as an open-source project. While it's not yet at a level ready for full service deployment, we plan to make improvements and expand its capabilities in the future.
Additionally, since we anticipate learners will deploy the service to their own AWS accounts, we created documentation on costs to address any potential concerns they might have about expenses.
What we learned
I had very little experience with development using generative AI, so this hackathon was a great opportunity for me. I especially had almost no experience with application development, and I learned a lot about creating and running tests.
It also reinforced for me the importance of having the AI understand the context when writing prompts.
What's next for Lockdown
At this time, the content is limited to a few security settings for EC2, RDS, and S3, but we plan to expand the number of services covered in the future to grow it into a learning platform with a wider range of content.
Built With
- amazon-dynamodb
- amazon-web-services
- axios
- cloudformation
- cloudtrail
- eventbridge
- lambda
- material-ui
- react
- typescript
- vite
Log in or sign up for Devpost to join the conversation.