Best Security Practices

Please review Security Pillar of AWS Well-Architected Framework - The focus of this paper is the security pillar of the AWS Well-Architected Framework. It provides guidance to help you apply best practices, current recommendations in the design, delivery, and maintenance of secure AWS workloads. https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/welcome.html

https://aws.amazon.com/blogs/security/top-10-security-items-to-improve-in-your-aws-account/

There are many things to describe security for AWS console and AWS well architecture frame work some are listed

1. VPC must b private
2. Subnet with private and public multi AZ with using NAT gateway
3. if using RDS it should be private and only can accessible with private VPC or linked resources with private VPV and if you want to connect it remotely so use open vpn
4. Always user and make roles and policy to use any AWS service in side of any other Aws service

And many more you can see in this given link https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/security.html

Hi! Great question.

This is a long and complex answer as there are many best security practices for operating securely in AWS. Keep in mind there's no comprehensive checklist, more recommendations and best practices that will help you in your secure cloud journey!

This AWS Whitepaper is a great read on security responsibility and the shared responsibility model: https://docs.aws.amazon.com/whitepapers/latest/aws-overview/security-and-compliance.html

For starters (and the well-architected framework,

• https://aws.amazon.com/architecture/security-identity-compliance/
• This covers security categories such as Identity and Access Management, Detection, Infrastructure Protection, Data Protection, Compliance, and Incident Response.
• Furthermore, each service should have a security section that's worth a read. For example, Lambda: https://docs.aws.amazon.com/lambda/latest/dg/lambda-security.html