minor updates to the secure landing zone slides

secure-landing-zones/sections/account-vending.html

@@ -1,7 +1,7 @@
 <section><h1>Account Vending</h1></section>
 <section>
   <h2>Account Vending</h2>
-  <q>Automated and scalable system to (de)provision and configure account</q>
+  <q>Automated and scalable system to (de)provision and configure accounts</q>
 </section>
 <section>
   <h2>Account Vending</h2>
@@ -10,6 +10,7 @@ <h2>Account Vending</h2>
     <li>Set baseline configurations</li>
     <li>Enable / Disable AWS Regions</li>
     <li>Clean-up default resources</li>
+    <li>Create SSO Mappings</li>
     <li>...</li>
   </ul>
 </section>

secure-landing-zones/sections/header.html

@@ -14,7 +14,7 @@ <h2>Deploying Secure Landing Zones in highly regulated sectors</h2>
         />
       </div>
       <span class="text-sm">
-        <a href="https://elft3r.github.io/presentations/cloud-migrations/"
+        <a href="https://elft3r.github.io/presentations/secure-landing-zones/"
           >https://elft3r.github.io/presentations/secure-landing-zones/</a
         >
       </span>

secure-landing-zones/sections/jochen.html

@@ -5,7 +5,7 @@ <h2>Jochen Zehnder</h2>
     <ul>
       <li>Software Development Background</li>
       <li>Infrastructure Full-Stack Engineer</li>
-      <li>AWS Community Builder & Docker Community Leader</li>
+      <li>AWS Community Builder</li>
     </ul>
   </div>
   <div class="col-span-1">

secure-landing-zones/sections/landing-zone.html

@@ -17,7 +17,7 @@ <h2>What is a Landing Zone?</h2>
       class="rounded"
       src="./imgs/landing-zone-air-zermatt.jpeg"
       style="max-width: 50%"
-      alt="Jochen Zehnder"
+      alt="Air Zermatt - Landing Zones"
     />
   </div>
   <span class="text-sm">

secure-landing-zones/sections/multi-account.html

@@ -5,7 +5,7 @@ <h2>Requirements</h2>
     <li>Support CID and non-CID Environments</li>
     <li>Support multitude of applications</li>
     <li>Support EKS Based Workload</li>
-    <li>Support organization structure</li>
+    <li>Reflect organization structure</li>
   </ul>
 </section>
 <section>
@@ -38,7 +38,7 @@ <h2>Questions?</h2>
       <p>What account structure?</p>
     </div>
     <div class="fragment">
-      <p>What environment?</p>
+      <p>What environments?</p>
     </div>
     <div class="fragment">
       <p>How many EKS Clusters?</p>

secure-landing-zones/sections/security.html

@@ -37,3 +37,33 @@ <h2>Fine-grained access control</h2>
     <img class="rounded" src="imgs/user-assignment.svg" alt="User Assignment" />
   </div>
 </section>
+<section>
+  <h2>Automated Assignment</h2>
+  <ul>
+    <li>AWS Identity Center needs mapping</li>
+    <ul>
+      <li>
+        <em>Account / OU</em> &#8596; <em>User / Group</em> &#8596;
+        <em>Permission Set</em>
+      </li>
+    </ul>
+    <li>
+      We used
+      <a href="https://github.com/aws-samples/assignment-automation-4-aws-sso"
+        >aws-samples/assignment-automation-4-aws-sso</a
+      >
+    </li>
+    <li>Create naming convention for Groups</li>
+    <ul>
+      <li>
+        <em>platform-read-only</em>
+      </li>
+      <li>
+        <em>domain-&lt;domain-name&gt;-db-admin</em>
+      </li>
+      <li>
+        <em>workload-&lt;domain-name&gt;-&lt;workload-name&gt;-db-admin</em>
+      </li>
+    </ul>
+  </ul>
+</section>