Security, Identity and Compliance

  1. AWS Identity & Access Management (IAM) - Manage User Access and Encryption Keys
  2. Amazon Cloud Directory - Create Flexible Cloud-native Directories
  3. Amazon Cognito - Identity Management for your Apps
  4. AWS Single Sign-On - Cloud Single Sign-On (SSO) Service
  5. Amazon GuardDuty - Managed Threat Detection Service
    1. Amazon GuardDuty combines ML and integrated threat intelligence from AWS and leading third parties to help protect your AWS accounts, workloads, and data from threats.
  6. AWS Direct Connect - Dedicated Network Connection to AWS
  7. Amazon Inspector - Analyze Application Security
  8. Amazon Macie - Discover, Classify, and Protect Your Data
    1. Amazon Macie is a data security service that uses machine learning (ML) and pattern matching to discover and help protect your sensitive data.
    2. What is Amazon Macie? | Amazon Web Services - YouTube
  9. AWS Certificate Manager - Provision, Manage, and Deploy SSL/TLS Certificates
  10. AWS CloudHSM - Hardware-based Key Storage for Regulatory Compliance
  11. AWS Directory Service - Host and Manage Active Directory
  12. AWS Key Management Service - Managed Creation and Control of Encryption Keys
  13. AWS Organizations - Policy-based Management for Multiple AWS Accounts
  14. AWS Shield - DDoS Protection
  15. AWS WAF - Filter Malicious Web Traffic

AWS Startup Security Baseline (AWS SSB) - AWS Prescriptive Guidance

Security Groups

  • Cluster security group - Designed to allow all traffic between the control plane and managed node groups to flow freely.
  • Node security group - Designed to allow traffic between worker nodes, or to allow traffic for a service such as RDS or Redshift.

Cryptography & PKI

Use Key Management Service (AWS KMS) to securely manage Ethereum accounts: Part 1 | AWS Database Blog

AWS Shared Responsibility Model

aws-shared-responsibility-model

Others

Open-source SAST tools such as Semgrep, Bandit, or KICS can help you find vulnerabilities and compliance issues in your code.

GitHub - ossf/scorecard: OpenSSF Scorecard - Security health metrics for Open Source

Security Checks Simplified: How to Implement Best Practices with Ease - YouTube