- IAM (Identity and Access Management)
- Enable MFA for the root account and IAM users.
- Rotate IAM access keys every 90 days.
- EC2, EBS, ELBv2
- Avoid broad inbound rules in security groups.
- Enable EBS volume encryption.
- S3
- Prevent public access to buckets.
- Enable encryption and access control for S3.
- CloudTrail and CloudWatch
- Encrypt CloudTrail logs.
- Set up security incident alarms in CloudWatch.
- RDS
- Encrypt RDS instances and snapshots.
- Enable automatic backups and deletion protection.
- KMS and Lambda
- Rotate KMS keys and encrypt Lambda environment variables.
- Route 53 and EKS
- Enable security for Route 53 domains.
- Encrypt secrets in EKS using KMS.
This summary highlights key security measures recommended for AWS environments.
Views: 20
