Security & Encryption, Parameter Store, ACM (Integrations with (load…
-
Parameter Store
-
-
Serverless, scalable, durable, easy SDK
-
-
-
-
ACM
-
Easily provision, manage, and deploy TLS Certificates
-
-
-
-
-
KMS Multi-Region Keys
-
Multi-Region keys have the same key ID, key material, automatic rotation…
-
-
-
-
Secrets Manager
Newer service, meant for storing secrets
-
-
Integration with Amazon RDS (MySQL, PostgreSQL, Aurora)
-
-
Amazon GuardDuty
Input data includes
-
VPC Flow Logs
unusual internal traffic, unusual IP address
-
Optional Features
EKS Audit Logs, RDS & Aurora, EBS, Lambda, S3 Data Events…
-
Uses Machine Learning algorithms, anomaly detection, 3rd party data
One click to enable (30-day trial), no need to install software
-
-
-
Types of KMS Keys
AWS Owned Keys
-
SSE-S3, SSE-SQS, SSE-DDB (default key)
-
-
-
-
-
-
KMS Key Policies
Custom KMS Key Policy
Define the users and roles that can access the KMS key
-
-
-
Control access to KMS keys, “similar” to S3 bucket policies
-
-
-
Parameters Policies
Allow assigning a TTL (expiration date) to a parameter to force updating or deleting sensitive data such as passwords
-
-
-
-
AWS Macie
Amazon Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect sensitive data.
Macie helps identify and alert you to sensitive data, such as personally identifiable information (PII).