Security, identity, compliance
Topics
- Access AWS services from an ASP.NET Core app using Amazon Cognito identity pools
- Authenticate Microsoft SQL Server on Amazon EC2 using AWS Directory Service
- Automate incident response and forensics
- Automate remediation for AWS Security Hub standard findings
- Automate security scans for cross-account workloads using Amazon Inspector and AWS Security Hub
- Automatically re-enable AWS CloudTrail by using a custom remediation rule in AWS Config
- Automatically remediate unencrypted Amazon RDS DB instances and clusters
- Automatically rotate IAM user access keys at scale with AWS Organizations and AWS Secrets Manager
- Automatically validate and deploy IAM policies and roles in an AWS account by using CodePipeline, IAM Access Analyzer, and AWS CloudFormation macros
- Bidirectionally integrate AWS Security Hub with Jira software
- Build a pipeline for hardened container images using EC2 Image Builder and Terraform
- Centralize IAM access key management in AWS Organizations by using Terraform
- Centralized logging and multiple-account security guardrails
- Check an Amazon CloudFront distribution for access logging, HTTPS, and TLS version
- Check for single-host network entries in security group ingress rules for IPv4 and IPv6
- Choose an Amazon Cognito authentication flow for enterprise applications
- Create AWS Config custom rules by using AWS CloudFormation Guard policies
- Create a consolidated report of Prowler security findings from multiple AWS accounts
- Delete unused Amazon Elastic Block Store (Amazon EBS) volumes by using AWS Config and AWS Systems Manager
- Deploy and manage AWS Control Tower controls by using AWS CDK and AWS CloudFormation
- Deploy and manage AWS Control Tower controls by using Terraform
- Deploy a pipeline that simultaneously detects security issues in multiple code deliverables
- Deploy detective attribute-based access controls for public subnets by using AWS Config
- Deploy preventative attribute-based access controls for public subnets
- Deploy the Security Automations for AWS WAF solution by using Terraform
- Detect Amazon RDS and Aurora database instances that have expiring CA certificates
- Dynamically generate an IAM policy with IAM Access Analyzer by using Step Functions
- Enable Amazon GuardDuty conditionally by using AWS CloudFormation templates
- Enable transparent data encryption in Amazon RDS for SQL Server
- Ensure AWS load balancers use secure listener protocols (HTTPS, SSL/TLS)
- Ensure encryption for Amazon EMR data at rest is enabled at launch
- Ensure that an IAM profile is associated with an EC2 instance
- Ensure an Amazon Redshift cluster is encrypted upon creation
- Export a report of AWS IAM Identity Center identities and their assignments by using PowerShell
- Monitor and remediate scheduled deletion of AWS KMS keys
- Identify public S3 buckets in AWS Organizations using Security Hub
- Ingest and analyze AWS security logs in Microsoft Sentinel
- Manage AWS IAM Identity Center permission sets as code by using AWS CodePipeline
- Manage credentials using AWS Secrets Manager
- Monitor ElastiCache clusters for security groups
- Monitor Amazon EMR clusters for in-transit encryption at launch
- Monitor Amazon ElastiCache clusters for at-rest encryption
- Monitor EC2 instance key pairs using AWS Config
- Monitor IAM root user activity
- Send a notification when an IAM user is created
- Prevent internet access at the account level by using a service control policy
- Scan Git repositories for sensitive information and security issues by using git-secrets
- Send alerts from AWS Network Firewall to a Slack channel
- Simplify private certificate management by using AWS Private CA and AWS RAM
- Turn off security standard controls across all Security Hub member accounts in a multi-account environment
- Update AWS CLI credentials from AWS IAM Identity Center by using PowerShell
- Use AWS Config to monitor Amazon Redshift security configurations
- Use Network Firewall to capture the DNS domain names from the Server Name Indication (SNI) for outbound traffic
- Use Terraform to automatically enable Amazon GuardDuty for an organization
- Verify that new Amazon Redshift clusters have required SSL endpoints
- Verify that new Amazon Redshift clusters launch in a VPC
- More patterns