Workload Isolation capability

The Workload Isolation capability enables you to create and manage isolated environments for your workloads. This approach reduces the impact of vulnerabilities and threats, and eases the complexity of compliance by providing mechanisms to isolate access to resources.

Stakeholders:

Central IT (Primary)
Security
Operations

Personas:

Cloud Team - the team(s) who make cloud available to customers (such as App DevOps).
DevSecOps - The team defining, building, analyzing, and mitigating access and authorization to application workloads and data assets.
Audit and Compliance / Governance, Risk Management, and Control - The team(s) performing review and approval of control adherence or exception.

Supporting capabilities: Governance capability and Network Connectivity capability

Scenarios:

CF7 - S1: Designing isolated resource environments

CF7 - S2: Isolated environment lifecycle management

CF7 - S3: Baselining isolated environments

CF7 - S4: Repeatable patterns for isolated environments

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Security Assurance on AWS

Overview