- Newest
- Most votes
- Most comments
This AWS document may be helpful.
This document describes best practices for operating security using the AWS Config service.
https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-hipaa_security.html
There are a couple of different approaches the customer could adopt as self-service options. Control tower automates the setup of a landing zone which can be used as an initial security baseline for managing a multi-account strategy securely - https://aws.amazon.com/solutions/implementations/customizations-for-aws-control-tower/.
Following this, Landing zone accelerator is a tool available as OSS & custom built to suit different industry specific compliance requirements. It helps in accelerating the setup of a secure and compliant infrastructure as code reference architecture.
Solutions Library - https://aws.amazon.com/solutions/implementations/landing-zone-accelerator-on-aws/
Docs - https://docs.aws.amazon.com/solutions/latest/landing-zone-accelerator-on-aws/solution-overview.html
Github - https://github.com/awslabs/landing-zone-accelerator-on-aws/tree/main/reference/sample-configurations
Hi, I would also strongly suggest to review and analyze the features of AWS Organizations: https://docs.aws.amazon.com/pdfs/whitepapers/latest/organizing-your-aws-environment/organizing-your-aws-environment.pdf#organizing-your-aws-environment
You will get infos about lots of additional best practices that are part of AWS Orgs.