Inventory and Configuration Management
Tools that enable agility and speed along with assurance that cloud resources comply with organizational standards and best practices include:
- Deployment tools to manage the creation and decommissioning of resources according to organizational standards.
- Inventory and configuration management tools to identify resources, which then track and manage changes to said resources over time.
Scalable and efficient encryption features include:
- Data encryption capabilities available in AWS storage and database services, such as EBS, S3, Glacier and Redshift.
- Flexible key management options that allow you to choose whether to have AWS manage the encryption keys or maintain complete control over your keys.
Definition, enforcement, and management of user access policies across services include:
- Identity and access management capabilities to define individual user accounts with permissions across AWS resources.
- Multi-factor authentication for privileged accounts, including options for hardware-based authenticators.
Monitoring and Logging
Tools and features that enable environment activity monitoring include:
- Deep visibility into API calls, i.e. who, what, when, and from where calls were made.
- Log aggregation and options, streamlining investigations and compliance reporting.
- Alert notifications when specific events occur, or thresholds are exceeded.