Learn
Connect
Blog
Resource hub
Featured resource
2026 Tech Forecast
2026 Tech Forecast

1,500+ tech insiders, business leaders, and Pluralsight Authors share their predictions on what’s shifting fastest and how to stay ahead.

Download the forecast
  • Lab
    • Libraries: If you want this lab, consider one of these libraries.
    • Cloud
    • Security
Google Cloud Platform icon
Labs

Running a Compliant Governance Check in an AWS Pipeline

This lab serves as the final positive validation test for the entire governance pipeline pattern built in the previous labs. You will be provided a set of lab files, and you must idenitfy which portion of the CloudFormation template needs to be fixed to allow it to be deployed via the governance pipeline. This reinforces the principle that security checks should act like fast, deterministic unit tests. **NOTE**: **Please ensure that you read through the additional information and resources section. **

Get started Contact sales
Google Cloud Platform icon
Lab platform
Lab Info
Level
Intermediate
Last updated
Jun 03, 2026
Duration
30m

Contact sales

By clicking submit, you agree to our Privacy Policy and Terms of Use, and consent to receive marketing emails from Pluralsight.
Table of Contents

  1. Challenge

    Verify AWS resources were deployed and locally clone the repository files

    Before you begin implementing a compliant change, you need to verify that the resources were deployed, and you need to clone the repository files locally.

    • Within CloudShell (or your local IDE) clone the repo. listed in the lab's Additional Resources seciton.
    • Verify the pre-existing resources were deployed in AWS
      • Amazon S3 bucket (starts with governance-lab-artifacts-)
      • AWS CodePipeline (governance-pipeline) with four stages:
        • Source
        • GovernanceLint
        • GovernanceGuard
        • Deploy
      • AWS CloudFormation stack (governance-lab-deploy)

  2. Challenge

    Trigger a new pipeline build

    Now that you’ve verified the required resources have been deployed and you have cloned the repository files, you can create your artifacts.zip file and upload it to trigger a pipeline build.

    • Recursively zip up all of the required files into an artifacts.zip file.
    • Upload the artifacts.zip file to your Amazon S3 artifacts bucket.
    • Ensure that your governance-pipeline is executing a new build.
      • The pipeline should fail.

  3. Challenge

    Inspect the AWS CodePipeline build logs

    After your pipeline has failed, you will need to investigate the log files for the build that failed so you can identify the location of the error.

    • Find the failed stage within your governance-pipeline.
    • Within the failed stage action, investigate the build logs.
    • Search within the build logs to find the FAILED rule, as well as the associated resource that triggered it.
    • Make note of both the line and the resource that caused the failure.

  4. Challenge

    Update and fix the template file

    After you have identified which resource triggered the failure for the guard rule, you need to correct the template and prepare it for a new deployment.

    • Edit the infra/template.yml cfn template file.
      • Navigate to the resource that was causing the error and fix the resource properties causing the failure.
    • Write and save the file.

  5. Challenge

    Create the new artifacts.zip and trigger the pipeline

    With the template in place, you can now create an updated artifacts.zip file and upload it to your S3 bucket to trigger your pipeline.

    • Create an updated artifacts.zip file containing the updated files.
    • Upload the new artifacts.zip file to the Amazon S3 bucket in your account.
    • Select your governance-pipeline within AWS Code Pipeline
    • For the pipeline to successfully complete.
    • Once the pipeline is done executing, view the deploy stages output summary.
    • Verify the new AWS CloudFormation template was deployed and the new resource exists
About the author
Pluralsight Skills - Labs - Pluralsight
Pluralsight Skills

Pluralsight Skills gives leaders confidence they have the skills needed to execute technology strategy. Technology teams can benchmark expertise across roles, speed up release cycles and build reliable, secure products. By leveraging our expert content, skill assessments and one-of-a-kind analytics, keep up with the pace of change, put the right people on the right projects and boost productivity. It's the most effective path to developing tech skills at scale.

Real skill practice before real-world application

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Learn by doing

Engage hands-on with the tools and technologies you’re learning. You pick the skill, we provide the credentials and environment.

Follow your guide

All labs have detailed instructions and objectives, guiding you through the learning process and ensuring you understand every step.

Turn time into mastery

On average, you retain 75% more of your learning if you take time to practice. Hands-on labs set you up for success to make those skills stick.

Get started with Pluralsight

View individual plans View team plans
Related Pages