Security, Identity, and Compliance on AWS
AWS Security, Identity, & Compliance services
AWS Identity & Access Management (IAM)
Securely manage access to services and resources.
AWS IAM Identity Center
Cloud single sign-on (SSO) service.
Amazon Cognito
Identify management for your apps.
AWS Directory Service
Host and manage active directory.
AWS Resource Access Manager
Simple, secure service to share AWS resources.
AWS Organizations
Central governance and management across AWS accounts.
AWS Security Hub
Automate AWS security checks and centralize security alerts.
Amazon GuardDuty
Protect AWS accounts with intelligent threat detection.
Amazon Inspector
Automate vulnerability management.
AWS Config
Record and evaluate configurations of your AWS resources.
AWS CloudTrail
Track user activity and API usage.
AWS IoT Device Defender
Security management for IoT devices.
AWS Network Firewall
Network security.
AWS Shield
DDoS protection.
Amazon Route 53 Resolver DNS Firewall
Filter and control outbound DNS traffic for your VPCs.
AWS Web Application Firewall (WAF)
Filter malicious web traffic.
AWS Firewall Manager
Central manangement of firewall rules.
Amazon Macie
Discover and protect your sensitive data at scale
AWS Key Management Service (KMS)
Managed creation and control of encryption keys.
AWS CloudHSM
Hardware-based key storage for regulatory compliance.
AWS Certificate Manager
Provision, manage, and deploy SSL/TLS certificates.
AWS Secrets Manager
Rotate, manage, and retrieve secrets.
Amazon Detective
Investigate potential security issues.
AWS Elastic Disaster Recovery
Scalable, cost-effective application recovery to AWS
AWS Artifact
On-demand access to AWS' compliance reports.
AWS Audit Manager
Continuously audit your AWS usage.
AWS Security, Identity, & Compliance services
Category | Use cases | AWS service |
---|---|---|
Identity & access management | Manage user access and encryption keys | AWS Identity & Access Management (IAM) |
Cloud single-sign-on (SSO) service |
AWS IAM Identity Center (successor to SSO) | |
Identity management for your apps | Amazon Cognito | |
Managed Microsoft Active Directory | AWS Directory Service | |
Simple, secure service to share AWS resources | AWS Resource Access Manager |
|
Central governance and management across AWS accounts | AWS Organizations | |
Detection |
Unified security and compliance center | AWS Security Hub |
Managed threat detection service | Amazon GuardDuty | |
Analyze application security | Amazon Inspector | |
Record and evaluate configurations of your AWS resources | AWS Config | |
Track user activity and API usage | AWS CloudTrail | |
Security management for IoT devices | AWS IoT Device Defender | |
Infrastructure protection | Network security | AWS Network Firewall |
DDoS protection | AWS Shield | |
Filter malicious web traffic | AWS Web Application Firewall (WAF) | |
Central management of firewall rules | AWS Firewall Manager | |
Data protection | Discover and protect your sensitive data at scale | Amazon Macie |
Key storage and management |
AWS Key Management Service (KMS) | |
Hardware based key storage for regulatory compliance |
AWS CloudHSM | |
Provision, manage, and deploy public and private SSL/TLS certificates | AWS Certificate Manager | |
Rotate, manage and retrieve secrets | AWS Secrets Manager | |
Incidence response | Investigate potential security issues | Amazon Detective |
Fast, automated, cost- effective disaster recovery | CloudEndure Disaster Recovery | |
Compliance | No cost, self-service portal for on-demand access to AWS’ compliance reports | AWS Artifact |
Continuously audit your AWS usage to simplify how you assess risk and compliance | AWS Audit Manager |

Customers

"We love it when we are able to simply provide extra security without any inconvenience."
- Roger Zou on Amazon GuardDuty
Snap Inc.










