Security
The security pillar provides guidance to help you apply best practices and current recommendations in the design, delivery, and maintenance of secure AWS workloads. While this lens focuses on preventing data storage in locations not aligned with data residency requirements, each of the best practices identified in the Well-Architected Security Pillar whitepaper also applies in every scenario where data residency is required.
Definitions
This whitepaper covers security in the cloud, describing best practices in the following areas:
- Security foundations: Fundamental principles address security threats and protect assets from attacks.
- Identity and access management: Securely manage identities and access to AWS services and resources.
- Detection: Identification of unexpected or unwanted configuration, and identification of unexpected behavior.
- Infrastructure protection: Control methodologies that are necessary to meet best practices and organizational or regulatory obligations.
- Data protection: Consists of both data classification, which provides a way to categorize data based on levels of sensitivity, and encryption, which protects data by rendering it unintelligible to unauthorized access.
- Incident response: Respond to and mitigate the potential impact of security incidents.
- Application security: Overall process of how you design, build, and test the security properties of the workloads you develop.
Design principles
All design principles from the Well-Architected Framework security pillar whitepaper apply to this lens, and there are no unique design principles for this lens.