Best Practices for Security, Identity, & Compliance
Learn how to meet your security and compliance goals using AWS infrastructure and services. To learn current AWS recommendations and strategies to use when designing cloud architectures with security in mind, see the Security Pillar - AWS Well-Architected Framework. To browse AWS security documentation by category, see AWS Security Documentation.
Featured Content
Identity & Access Management
- Documentation: Security Best Practices in IAM
- Blog: IAM Policy Types - How and When to Use Them
- Video: AWS Identity - Choosing the Right Mix of AWS IAM Policies for Scale
- Training: Introduction to AWS Identity and Access Management
- Workshops: Identity
Detection
- Documentation: AWS Security Hub User Guide - AWS Foundational Security Best Practices Standard
- Workshop: AWS Security Hub
- Solutions Implementation: Automated Security Response on AWS
- Blog: How You Can Use Amazon GuardDuty to Detect Suspicious Activity Within Your AWS Account
- Training: AWS Security Best Practices - Monitoring and Alerting
Infrastructure Protection
- Whitepaper: AWS Best Practices for DDoS Resiliency
- Solutions Implementation: WAF Automation on AWS
- Technical Guide: Guidelines for Implementing AWS WAF
- Workshops: Infrastructure Security
- Technical Guide: AWS Security Reference Architecture
Data Protection & Privacy
- Documentation: Introduction to the Cryptographic Details of AWS KMS
- Video: Do You Need an AWS KMS Custom Key Store?
- Compliance Guide: Using AWS in the Context of Common Privacy and Data Protection Considerations
- Workshops: Data Protection
- Blog: Three Common Cloud Encryption Questions and Their Answers on AWS
Compliance
Incident Response
- Video: How to Prepare for & Respond to Security Incidents in Your AWS Environment
- Technical Guide: AWS Security Incident Response Guide
- re:Invent: DIY Guide to Runbooks, Incident Reports, and Incident Response
- Workshop: Amazon GuardDuty
- Whitepaper: Ransomware Risk Management on AWS Using the NIST Cyber Security Framework (CSF)
AWS re:Invent 2021: Continuous security improvement - Strategies and tactics
AWS re:Invent 2021: AWS Security Reference Architecture - Visualize your security
AWS re:Invent 2020: Zero Trust: An AWS perspective
Most Popular
- Well-Architected: Security Pillar
- Solutions Implementation: AWS Landing Zone
- Solutions Implementation: Centralized Logging