AWS provides alignment with security best practices and a variety of IT security standards, including:

  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70)
  • SOC 2
  • SOC 3
  • FISMA, DIACAP, and FedRAMP
  • DOD CSM Levels 1-5
  • PCI DSS Level 1
  • ISO 9001 / ISO 27001
  • ITAR
  • FIPS 140-2
  • MTCS Level 3

AWS also aligns with industry-specific standards, including:

  • Criminal Justice Information Services (CJIS)
  • Cloud Security Alliance (CSA)
  • Family Educational Rights and Privacy Act (FERPA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Motion Picture Association of America (MPAA)

Using AWS Config

  • Evaluate the configuration settings of AWS resources.
  • Create AWS Config rules, representing ideal configuration settings.
  • AWS Config provides
    • customizable, predefined rules called managed rules
    • the option to create your own custom rules.
  • AWS Config continuously tracks the configuration changes that occur among resources.
  • If a resource violates a rule, AWS Config flags the resource and the rule as noncompliant.
  • The AWS Config console shows the compliance status of rules and resources.
  • See how AWS resources comply overall with desired configurations.
  • You can also use the following to make requests to the AWS Config service for compliance information:
    • AWS CLI
    • the AWS Config API
    • AWS SDKs.
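
As an added example (not from the original notes or from AWS), the following sketches the evaluation logic of a custom rule that flags unencrypted EBS volumes as noncompliant and reports the result through the SDK. The sample event is constructed, and the `configuration.encrypted` field layout and the function names are assumptions made for illustration.

```python
import json

# Constructed sample of the event AWS Config passes to a custom-rule Lambda.
SAMPLE_EVENT = {
    "resultToken": "constructed-token",
    "eventLeftScope": False,
    "invokingEvent": json.dumps({
        "messageType": "ConfigurationItemChangeNotification",
        "configurationItem": {
            "resourceType": "AWS::EC2::Volume",
            "resourceId": "vol-0example",
            "configurationItemStatus": "OK",
            "configurationItemCaptureTime": "2024-01-01T00:00:00.000Z",
            "configuration": {"encrypted": False},  # assumed field layout
        },
    }),
}

# Item statuses for which there is nothing left to evaluate.
DELETED = {"ResourceDeleted", "ResourceDeletedNotRecorded", "ResourceNotRecorded"}

def evaluate(item, left_scope=False):
    """Return the compliance type for one configuration item."""
    if left_scope or item["configurationItemStatus"] in DELETED:
        return "NOT_APPLICABLE"
    if item["resourceType"] != "AWS::EC2::Volume":
        return "NOT_APPLICABLE"
    # Missing or null configuration is treated as noncompliant (fail closed).
    encrypted = (item.get("configuration") or {}).get("encrypted")
    return "COMPLIANT" if encrypted is True else "NON_COMPLIANT"

def build_evaluation(event):
    """Turn the invoking event into one entry for PutEvaluations."""
    item = json.loads(event["invokingEvent"])["configurationItem"]
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": evaluate(item, event.get("eventLeftScope", False)),
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }

def lambda_handler(event, context):
    import boto3  # imported here so the evaluation logic above runs offline
    boto3.client("config").put_evaluations(
        Evaluations=[build_evaluation(event)],
        ResultToken=event["resultToken"],
    )
```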