AWS Security, Identity, & Compliance services
Category | What is it | AWS service |
---|---|---|
Identity and access management | Securely manage access to services and resources | AWS Identity and Access Management (IAM) |
Manage workforce access across AWS accounts and apps | AWS IAM Identity Center (successor to SSO) | |
Identity management for your apps | Amazon Cognito | |
Managed Microsoft Active Directory | AWS Directory Service | |
Simple, secure service to share AWS resources | AWS Resource Access Manager | |
Central governance and management across AWS accounts | AWS Organizations | |
AWS Control Tower provides the easiest way to set up and govern a secure, multi-account AWS environment, called a landing zone. | AWS Control Tower | |
Session Manager is a fully managed AWS Systems Manager capability. | Session Manager | |
Detection | Automate AWS security checks and centralize security alerts | AWS Security Hub |
Protect AWS accounts with intelligent threat detection | Amazon GuardDuty | |
Automate vulnerability management | Amazon Inspector | |
Record and evaluate configurations of your AWS resources | AWS Config | |
Observability of your AWS resources and applications on AWS and on-premises | Amazon CloudWatch | |
Track user activity and API usage | AWS CloudTrail | |
Security management for IoT devices | AWS IoT Device Defender | |
Network and application protection | Network security | AWS Network Firewall |
DDoS protection | AWS Shield | |
Filter and control outbound DNS traffic for your VPCs | Amazon Route 53 Resolver DNS Firewall | |
Filter malicious web traffic | AWS Web Application Firewall (WAF) | |
Central management of firewall rules | AWS Firewall Manager | |
Data protection | Discover and protect your sensitive data at scale | Amazon Macie |
Create and control keys to encrypt or digitally sign your data | AWS Key Management Service (AWS KMS) | |
Manage single-tenant hardware security modules (HSMs) on AWS | AWS CloudHSM | |
Provision, manage, and deploy public and private SSL/TLS certificates | AWS Certificate Manager | |
Create private certificates to identify resources and protect data | AWS Private Certificate Authority | |
Centrally manage the lifecycle of secrets | AWS Secrets Manager | |
Incident response | Investigate potential security issues | Amazon Detective |
Scalable, cost-effective application recovery to AWS | AWS Elastic Disaster Recovery | |
Compliance | No cost, self-service portal for on-demand access to AWS’ compliance reports | AWS Artifact |
Continuously audit your AWS usage to simplify how you assess risk and compliance | AWS Audit Manager |
Identity and Access Management
IAM
With A