Security, risk, and compliance

The security, risk, and compliance workstream defines a structured approach to help you build confidence in AWS. It also enables foundational security, risk, and compliance capabilities that can accelerate your readiness and planning for a migration project. The delivery approach is built on the AWS CAF security perspective and provides more detailed guidance for security teams who are preparing for a migration of business workloads to AWS. This workstream leverages the concept of a virtual data center to address minimum baseline security and compliance controls. The virtual data center is intended to be constructed through an agile development process using one or more cloud security delivery teams.

Objectives

The security perspective provides a recommended initial configuration for the following:

AWS Identity and Access Management (IAM) model
Logging and monitoring model
Infrastructure security
Data protection
Incident response

Outcomes

Develop referenceable playbooks that are supported by relevant code examples and that cover the following five core topics for security and audit tasks utilizing AWS services:

Identity and access management
Detective controls
Infrastructure security
Data protection
Incident response

How-to guide

Assessing and building a security foundation for cloud mobilization

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Landing zone

Operations