Resources to understand AWS Security Features

Posted On January 13, 2023

AWS offers many solutions for different security problems. Following are the resources you should read to better understand the features:

Begin by reading Introduction to AWS Security whitepaper. 

Then understand AWS shared responsibility model so that you know what Amazon is responsible for and you are responsible for.

AWS Artifact is a repository that hosts security and compliance reports.

You should learn about the following:

• Amazon Web Services: Risk and Compliance
• AWS Compliance Programs
• AWS security services
• AWS Identity and Access Management (IAM)
  • To understand users, roles, groups, and IAM policies
  • To familiarize yourself with the principle of least privilege
• Using the root access
  • AWS account root user
  • MFA for the account root user in IAM
  • Tasks that require account root user access
• AWS CloudTrail for account activity
• Amazon CloudWatch to monitor your applications
• AWS Config to assess, audit, and evaluate the configuration of AWS resources
• For network security:
  • Learn about network access control lists (network ACLs) on AWS for subnet level firewalls
  • Learn about security groups for instance level firewalls
  • AWS WAF for web application firewalls
• security best practices for virtual private clouds (VPCs)
• Other useful resources
  • AWS Knowledge Center
  • AWS Security Blog
  • AWS security discussion forums
  • AWS Security Blog

Security is a diverse and complex topic so AWS offers a diverse set of solutions. Unfortunately, this means that you need to invest significant effort to understand.