Actions, recommendations, and best practices

While the Operator is responsible for defining and implementing access controls, least privilege principle is implemented in AWS by default when organizing access controls.

This requirement can be addressed in all reference architectures using services such as Amazon Virtual Private Cloud (Amazon VPC), AWS Identity and Access Management (AWS IAM), AWS CloudTrail, and AWS Trusted Advisor. Refer to the Introduction to AWS Security whitepaper for more details, and the Well-Architected Framework Security Pillar for best practices.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

REQ3 – Data access controls

REQ4 – Availability and durability