AWS Security Services [Cheat Sheet]

AWS Security Services Banner

Whether you’re actively trying to secure your AWS environments, you’re studying for the Certified Security Specialty exam, or you’re just curious and want to learn more about AWS and cloud security, you’ll find that AWS offers quite a large number of security-focused services and features. This can be daunting when you’re first getting started, but it doesn’t have to be!

Each of these services can be categorized under core security pillars. Let’s see where each service fits in:

🔐 Identity & Access Management:

🔵 IAM: Your cornerstone for securely managing access to AWS services and resources

🔵 IAM Access Analyzer: Fine-tune access with granular permissions (Tip: use this to give least privilege permissions!)

🔵 AWS Organizations: Manage and govern multiple AWS accounts

🔵 IAM Identity Center: Simplify workforce access across AWS accounts, services, and apps

🛡️ Data Protection:

🟪 Amazon Macie: Discover and shield sensitive data at scale

🟪 AWS KMS: Your locksmith, managing cryptographic keys with finesse

🟪 AWS Secrets Manager: A secure vault, safeguarding and rotating your secrets (Tip: Use to get rid of hard-coded and plaintext secrets)

🟪 AWS Certificate Manager: Provision and deploy SSL/TLS certs

🌐 Edge & Network Protection:

🟧 AWS WAF: Block web threats like SQL injection and XSS

🟧 AWS Shield: Guard against DDoS attacks

🟧 AWS Firewall Manager: Manage firewall rules, SGs, and Shield, across your AWS Organization

🟧 AWS Network Firewall: Fortify network security across Amazon VPCs by filtering traffic

🔍 Threat Detection & Response:

🔴 Amazon GuardDuty: A relentless threat detection service, continuously monitoring for malicious activities

🔴 Amazon Detective: Dive deep into security data and visualize threats

🔴 Amazon Inspector: Discover workloads and scan them for software vulnerabilities

🔴 AWS CloudTrail: A meticulous recorder, logging user activity and API usage (Tip: push to CloudWatch Logs for tracking & to generate metrics and alerts)

🔴 AWS Config: A detailed observer, recording and evaluating configurations of AWS resources (Tip: use with SSM and Lambda for automated remediation)

🔴 AWS Security Hub: Unified security command center, providing a comprehensive view of alerts and posture

📜 Compliance:

🟩 AWS Audit Manager: Continuously auditing AWS usage against prebuilt and custom frameworks

🟩 AWS Artifact: Your gateway to compliance reports from AWS and ISVs

🟩 AWS Control Tower: Account deployment and governance

More & Conclusion

💡 There are more not covered above you can view here:

🚨 Remember that you do not need to be using all of these services. It depends on your use case/workload/business requirements. You may also find third-party solutions that offer a better approach.

That’s also why I’m here! To get you started, check out our Introduction to AWS Security course (now with Hands-On Labs!)

AWS native security services

Want more cheat sheets like this? Check them out here.

Related Articles


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.