AWS Cloud Security
Overview Security Services Compliance Offerings Privacy Learning Security Bulletins Blog Partners Customers

Security, Identity, and Compliance on AWS

Secure your workloads and applications in the cloud
Data protection
Identity & access management
Infrastructure protection
AWS provides services that help you protect your data, accounts, and workloads from unauthorized access. AWS data protection services provide encryption and key management and threat detection that continuously monitors and protects your accounts and workloads.
AWS Identity Services enable you to securely manage identities, resources, and permissions at scale. With AWS, you have identity services for your workforce and customer-facing applications to get started quickly and manage access to your workloads and applications.
AWS protects web applications by filtering traffic based on rules that you create. For example, you can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, which allows you to block common attack patterns, such as SQL injection or cross-site scripting.
Threat detection & continuous monitoring
Compliance & data privacy
AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.
AWS gives you a comprehensive view of your compliance status and continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows.
Data protection
AWS provides services that help you protect your data, accounts, and workloads from unauthorized access. AWS data protection services provide encryption and key management and threat detection that continuously monitors and protects your accounts and workloads.
Threat detection & continuous monitoring
AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.
Identity & access management
AWS Identity Services enable you to securely manage identities, resources, and permissions at scale. With AWS, you have identity services for your workforce and customer-facing applications to get started quickly and manage access to your workloads and applications.
Compliance & data privacy
AWS gives you a comprehensive view of your compliance status and continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows.
Infrastructure protection
AWS protects web applications by filtering traffic based on rules that you create. For example, you can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, which allows you to block common attack patterns, such as SQL injection or cross-site scripting.

AWS Security, Identity, & Compliance services

Category
Use cases
AWS service
Identity & access management
Identity management for your apps

Amazon Cognito

Identify management for your apps.

Amazon Cognito
Managed Microsoft Active Directory

AWS Directory Service

Host and manage active directory.

AWS Directory Service
Manage user access and encryption keys

AWS Identity & Access Management (IAM)

Manage user access and encryption keys.

AWS Identity & Access Management (IAM)
Simple, secure service to share AWS resources

AWS Resource Access Manager

Simple, secure service to share AWS resources.

AWS Resource Access Manager
Rotate, manage and retrieve secrets

AWS Secrets Manager

Rotate, manage, and retrieve secrets.

AWS Secrets Manager
Cloud single-sign-on (SSO) service

AWS Single Sign-On

Cloud single sign-on (SSO) service.

AWS Single Sign-On
Detective controls
Unified security and compliance center

AWS Security Hub

Unified security and compliance center.

AWS Security Hub
Managed threat detection service

Amazon GuardDuty

Managed threat detection service.

Amazon GuardDuty
Analyze application security

Amazon Inspector

Analyze application security.

Amazon Inspector
Discover, classify and protect your data

Amazon Macie

Discover, classify, and protect your data.

Amazon Macie
Investigate potential security issues

Amazon Detective

Investigate potential security issues.

Amazon Detective
Infrastructure protection
DDoS protection

AWS Shield

DDoS protection.

AWS Shield
Filter malicious web traffic

AWS Web Application Firewall (WAF)

Filter malicious web traffic.

AWS Web Application Firewall (WAF)
Central management of firewall rules

AWS Firewall Manager

Central manangement of firewall rules.

AWS Firewall Manager
Data protection
Key storage and management

AWS Key Management Service (KMS)

Managed creation and control of encryption keys.

AWS Key Management Service (KMS)
Hardware based key storage for regulatory compliance

AWS CloudHSM

Hardware-based key storage for regulatory compliance.

AWS CloudHSM
Provision, manage, and deploy public and private SSL/TLS certificates

AWS Certificate Manager

Provision, manage, and deploy SSL/TLS certificates.

AWS Certificate Manager
Compliance
No cost, self-service portal for on-demand access to AWS’ compliance reports

AWS Artifact

On-demand access to AWS' compliance reports.

AWS Artifact

AWS Security, Identity, & Compliance services

Category Use cases AWS service
Identity & access management Manage user access and encryption keys   AWS Identity & Access Management (IAM)
Cloud single-sign-on (SSO) service
 AWS Single Sign-On
Managed Microsoft Active Directory
 AWS Directory Service
Identity management for your apps Amazon Cognito
Rotate, manage and retrieve secrets
 AWS Secrets Manager
Simple, secure service to share AWS resources AWS Resource Access Manager
Detective controls
 Unified security and compliance center AWS Security Hub
Managed threat detection service Amazon GuardDuty
Analyze application security Amazon Inspector
Discover, classify and protect your data Amazon Macie
Investigate potential security issues Amazon Detective
Infrastructure protection DDoS protection AWS Shield
Filter malicious web traffic AWS Web Application Firewall (WAF)
Central management of firewall rules AWS Firewall Manager
Data protection Key storage and management
 AWS Key Management Service (KMS)
Hardware based key storage for regulatory compliance
 AWS CloudHSM
Provision, manage, and deploy public and private SSL/TLS certificates AWS Certificate Manager
Securing workloads on AWS
To make it easier for your to secure your workloads on AWS, we also provide the world’s most secure cloud platform.

Customers

Snap logo

"We love it when we are able to simply provide extra security without any inconvenience."

- Roger Zou on Amazon GuardDuty
Snap Inc.

Thermo Fisher Scientific logo
Gett
robinhood logo
Delaware North logo
Department of Defense logo
Here logo
British Gas logo
Canary logo
University of Maryland logo
Crop Trust logo
Soundcloud logo
Contact an AWS Business Representative
Have Questions? Connect with an AWS Business Representative
Exploring security roles?
Apply today »
Want AWS Security updates?
Follow us on Twitter »