AWS Security & Identity Services
Comprehensive guides and cheat sheets for AWS security & identity services. Perfect for developers, architects, and cloud professionals.
AWS Identity & Access Management (IAM)
## Core Components of IAM IAM is built on four fundamental components: Users, Groups, Roles, and Policies. ### 1. IAM Users An IAM User represents the person or application that interac...
AWS Firewall Manager
## Prerequisites: How to Get Started Before you can use AWS Firewall Manager, you must have the following in place: 1. **AWS Organizations**: Your accounts must be managed under AWS Organiz...
AWS Directory Service
## AWS Directory Service Options Choosing the right directory type is the most critical decision when using this service. ### 1. AWS Managed Microsoft AD This option provides a fully ma...
AWS CloudHSM
## Key Features & Concepts * **Single-Tenant, Dedicated Hardware**: Unlike shared services, you get your own HSM instances. No other AWS customers have access to the hardware you are using. * *...
AWS Certificate Manager
## Core Features & Benefits * **Free Public Certificates**: Public SSL/TLS certificates provisioned through ACM are free of charge. You only pay for the AWS resources that use them. * **Automat...
AWS Audit Manager
## How AWS Audit Manager Works: The Audit Workflow Audit Manager follows a structured process to take you from a compliance requirement to an audit-ready report. 1. **Select a Framework**: ...
AWS Artifact
## Key Components of AWS Artifact The service is organized into two main sections: Reports and Agreements. ### 1. AWS Artifact Reports This section provides access to compliance reports...
Amazon Macie
## What is Amazon Macie? **Amazon Macie** is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in ...
Amazon Inspector
## How Amazon Inspector Works Amazon Inspector has been re-architected to be more automated and integrated with your AWS environment. 1. **Automated Asset Discovery**: Once enabled, Inspect...
Amazon GuardDuty
## How GuardDuty Works GuardDuty is designed to be easy to enable and manage. Its process is entirely automated and agentless. 1. **Analyzes Data Sources**: GuardDuty pulls from and a...
Amazon Detective
## How Amazon Detective Works Amazon Detective automates the complex work of a security investigation by following a three-step process: 1. **Automated Data Ingestion**: Detective aut...
Amazon Cognito
## Amazon Cognito User Pools A User Pool is a user directory in Amazon Cognito. It allows users to sign in to your application either directly through the User Pool or through federation with ext...