Security, risk, and compliance

The security, risk, and compliance workstream defines a structured approach to help you build confidence in AWS. It also enables foundational security, risk, and compliance capabilities that can accelerate your readiness and planning for a migration project. The delivery approach is built on the AWS CAF security perspective and provides more detailed guidance for security teams who are preparing for a migration of business workloads to AWS. This workstream leverages the concept of a virtual data center to address minimum baseline security and compliance controls. The virtual data center is intended to be constructed through an agile development process using one or more cloud security delivery teams.

Objectives

The security perspective provides a recommended initial configuration for the following:

Identity and access management model
Logging and monitoring model
Infrastructure security
Data protection
Incident response

Outcomes

Referenceable playbooks that can be referenced, are supported by relevant code examples, and cover the following five core topics for security and audit tasks using AWS services:

Identity and access management
Detective controls
Infrastructure security
Data protection
Incident response

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Landing zone

Operations