This whitepaper is for historical reference only. Some content might be outdated and some links might not be available.

# Capabilities
<a name="capabilities"></a>

 To support cloud adoption, AWS recommends that you have a foundational set of capabilities that enable you to deploy, operate, and govern your workloads. 

 A *capability* includes a definition, scenarios, opinionated guidance, and supporting automation to establish and operate a specific part of a cloud environment. Capabilities are components that can help you plan, implement, and operate your cloud environment, and include *people*, *process*, and *technology* considerations. Capabilities are designed to integrate into your overall technology environment. 

 In addition to technology implementation guidance, capabilities include operational guidance (for instance, notifications, event handling, and remediation, as well as team resource skills and processes) needed to stand up and operate each capability. For an example of what a capability should offer, refer to [Appendix A](appendix-a-capability-structure-and-example.md). 

AWS has defined a set of 29 capabilities that span six categories to help you establish a cloud foundation. 

 Table 1 - Cloud Foundations capabilities by categories 


|  [Governance, Risk, and Compliance](governance.md)  |  [Security](security.md)  |  [Operations](operations.md)  |  [Infrastructure](infrastructure.md)  |  [Finance](finance.md)  |  [Business Continuity](business-continuity.md)  | 
| --- | --- | --- | --- | --- | --- | 
| Log Storage | Identity Management & Access Control  | Developer Experience & Tools  | Network Connectivity  | Cloud Financial Management  | Backup & Recovery  | 
| Governance | Secrets Management  | Image Management  | Network Security  | Resource Inventory Management  | Disaster Recovery  | 
| Audit & Assessment | Security Incident Response | Observability | Workload Isolation | Support |   | 
| Tagging | Encryption & Key Management  | Patch Management | Template Management |  |  | 
| Service Onboarding | Vulnerability & Threat Management  |  |  |  |  | 
| Change Management  | Application Security  |  |  |  |  | 
| Forensics | Data Isolation  |  |  |  |  | 
| Data De-identification  |   |  |  |  |  | 
| Records Management |  |  |  |  |  | 

 Each capability includes stages of maturity that enable you to implement based on where you are in your cloud journey, including your governance and operational requirements. As your cloud environment grows and matures, the *capabilities* can be enhanced to meet your new requirements. 

## Capabilities definitions
<a name="capabilities-definitions"></a>

 This section includes high-level definitions for each foundational capability organized by their category. For a deeper dive into a specific capability and what it includes, refer to [Appendix A](appendix-a-capability-structure-and-example.md). 

![A chart showing which capabilities fall under each category.](http://docs.aws.amazon.com/whitepapers/latest/establishing-your-cloud-foundation-on-aws/images/category.png)


Topics
+ [Governance, Risk Management, and Compliance](governance.md)
+ [Operations](operations.md)
+ [Security](security.md)
+ [Business Continuity](business-continuity.md)
+ [Finance](finance.md)
+ [Infrastructure](infrastructure.md)