Contact Sales

AWS Answers is a repository of instructional documents written by AWS architects. Here, you'll find guidance on account management, configuration management, logging, mobile applications, networking, security, and web applications. These documents are meant to help you get up to speed on the AWS cloud with architecture and operations that will grow with you as your use of cloud computing expands.


Having multiple AWS accounts helps some customers more efficiently allocate costs and resources within their organizations. This brief provides account-level considerations, best practices, and high-level strategic guidance to help structure and manage multiple AWS accounts for billing purposes.
Download »

AWS customers often leverage multiple AWS accounts to help control access to their AWS resources. This brief provides account-level considerations, best practices, and high-level strategic guidance to help structure and manage multiple AWS accounts for security purposes.
Download »

This brief provides best practices for tagging AWS resources to make them easier to manage. It discusses common tag categories and strategies to help AWS customers implement a consistent and effective tagging approach for their AWS environment.
Download »


Determining what software to include in a server image when building a custom AMI can be challenging. This brief provides strategic guidance for creating images, describes three common AMI designs, and offers high-level tagging strategies for easier AMI organization and identification.
Download »

This brief describes AWS-managed and APN Partner Network member products for configuring and managing infrastructure deployed to AWS. This brief provides best practices and guidance to consider when choosing configuration management solutions for managing changes to AWS resources, operating systems, application stacks, or other AWS-based infrastructure.
Download »


AWS provides many service-specific security and audit logs to help customers meet their compliance requirements. This brief provides a consolidated, high-level overview of the different AWS services, the security and audit log data they generate, and where this information is stored.
Download »


Learn how to use AWS managed services to create an in-app update solution that supports all mobile ecosystems. This brief reviews end-user and developer-publishing workflows and includes best practices for deploying mobile apps on the AWS Cloud.
Download »


This brief provides high-level best practices for designing an Amazon VPC network and outlines the most common single VPC configurations. It also offers guidance on how to size your VPC and subnets.
Download »

This brief describes common configurations and considerations for creating highly available VPN and AWS Direct Connect connections between Amazon VPC and a single data center.
Download »

This brief describes common configurations and considerations for creating highly available VPN and AWS Direct Connect connections between Amazon VPC and multiple data centers, including detailed routing advice for optimizing network path selection in complex network environments.
Download »

Amazon VPC endpoints enable private connections between resources in a VPC and other AWS services. This brief describes a highly available and scalable DNS-based proxy solution that allows you to leverage VPC endpoint capabilities from remote networks.
Download »

This brief describes AWS recommended approaches for creating private connections between Amazon VPC networks in the same region using VPC peering, AWS Direct Connect, or a VPC dedicated to transitive routing.
Download »

This brief describes recommended approaches for creating private connections between AWS regions by routing over AWS or non-AWS networks depending on a customer’s use case and requirements.
Download »

AWS customers with multiple Amazon VPC networks often want to minimize the number of remote connections to AWS. This brief addresses key considerations, recommendations, and common approaches for connecting multiple Amazon VPC networks to on-premises infrastructure using a single VPN connection.
Download »

Learn how to create a global transit hub on the AWS Cloud. This answer provides architectural guidance, networking best practices, and a prescriptive AWS solution using Cisco Cloud Services Router (CSR) 1000V.

For more details »

This brief addresses key considerations and recommendations for managing outbound (egress) traffic from Amazon VPC networks. It describes Amazon VPC features for controlling egress traffic and other options including third-party offerings that incorporate additional filtering, monitoring, and traffic-control capabilities.
Download »

This brief gives an overview of the AWS services and features that customers can use to control access to their network resources and to monitor network traffic and configuration changes. It also includes recommendations for third-party products that provide additional network management and monitoring capabilities.
Download »

In the event on a Distributed Denial of Service (DDoS) attack, AWS customers can leverage multiple capabilities to absorb and deflect unwanted traffic while working with AWS support to mitigate the issue. This brief provides general best practices for DDoS security, identifies key AWS services for mitigating DDoS attacks, and describes high-level attack mitigation approaches for common application patterns.
Download »

 

AWS and AWS Partner Network members offer a comprehensive set of capabilities to help customers secure their Amazon VPC networks. This brief provides an overview of these capabilities, highlighting features for network traffic control, routing, and firewalls, and also includes general best practices for network security.
Download »


This brief offers baseline security guidance and best practices for securely setting up an AWS account for the first time. It includes how to communicate with AWS, how to manage and control user access within an account, and how to monitor and audit user activities.
Download »

This brief provides OS-specific best practices, features, and recommendations for securing Amazon EC2 instances running Microsoft Windows. It includes considerations for user and API access, data encryption, change management, and other topics.
Download »

This brief provides OS-independent best practices and prescriptive advice for applying server-level controls to Amazon VPC virtual instances. It includes considerations for user and API access, data encryption, change management, and other topics.
Download »

This brief provides best practices and strategic guidance to help establish an initial set of controls using AWS IAM. It explains how to secure an administrator account, create new IAM users, groups, and policies, and how to set a solid IAM foundation for your growing organization.
Download »

Amazon EC2 virtual instances are completely controlled by you, which gives you the flexibility to choose the OS-level access controls that are right for your business. This brief includes best practices for controlling OS-level access and describes two prescriptive approaches for EC2 access management: emergency-only access or leveraging a centralized directory service.
Download »


AWS offers several tools and services to help customers deploy and manage Java applications. This brief is intended for new customers who are looking for prescriptive recommendations for getting a Java web application up and running for the first time on AWS as quickly as possible.
Download »

AWS offers several tools and services to help customers deploy and manage .NET applications. This brief is intended for new customers who are looking for prescriptive recommendations for getting a .NET web application up and running for the first time on AWS as quickly as possible.
Download »

The AWS Documentation site is a rich resource for understanding how to use all of the AWS services, and our Self-Paced Labs can provide you with hands-on instruction of the fundamentals through expert-level scenarios.

AWS Documentation     |     Self-Paced Labs