AWS Security
Amazon Web Services security architecture and services
AWS Security encompasses the services, features, and best practices for securing workloads and data in Amazon Web Services cloud environments.
Core Security Services
- IAM - Identity and Access Management
- AWS Organizations - Multi-account management
- AWS SSO (Identity Center) - Centralized access management
- AWS KMS - Key Management Service
- AWS Secrets Manager - Secrets storage and rotation
- AWS Certificate Manager - TLS certificate management
Security Monitoring & Detection
- Amazon GuardDuty - Threat detection
- AWS Security Hub - Security posture management
- Amazon Inspector - Vulnerability assessment
- AWS CloudTrail - API activity logging
- Amazon CloudWatch - Monitoring and alerting
- AWS Config - Configuration compliance
Network Security
- VPC - Virtual Private Cloud isolation
- Security Groups - Instance-level firewall
- Network ACLs - Subnet-level firewall
- AWS WAF - Web application firewall
- AWS Shield - DDoS protection
- AWS Network Firewall - Managed network firewall
Compliance & Governance
- AWS Artifact for compliance reports
- Service Control Policies (SCPs)
- AWS Audit Manager
- AWS Well-Architected Framework
- Shared Responsibility Model