The journey to least privilege on AWS

We’ll share a mental model for how to get to least privilege in your AWS environment. We’ll talk about the foundations and security controls that you can implement on your first day in AWS, and then we’ll share techniques for continuously updating access across your environments over time. You’ll learn about creating logical isolation boundaries for your data and applications using AWS accounts, applying guardrails to allow your developers to experiment and innovate safely using identity and access management policies, and right-sizing access permissions using AWS IAM Access Analyzer.

The journey to least privilege on AWS

Building custom frameworks with AWS Audit Manager

Confidential Computing on AWS: the AWS Nitro System and AWS Nitro Enclaves

Automation workflows with Amazon Macie

Secure your APIs in API Gateway

Builders patching at scale: It doesn't have to be hard

Security coffee: Keep your analysts on top of their game

Detecting ransomware with AWS security services

Scaling access management for enterprise customers

Designating a GuardDuty Delegated Administrator

Designating a Security Hub Administrator Account

How AWS Security Hub works with IAM

Example Service Control Policies

Product Integrations in AWS Security Hub

Using Service-Linked Roles for AWS Config

Security Hub Workshop

Techniques for Writing Least Privilege IAM Policies

IAM Access Analyzer Makes it Easier to Implement Least Privilege Permissions

AWS Security Hub Supports Bidirectional Integration with Atlassian Jira Service Management

AWS Security Hub Adds Support for Cross-Region Aggregation of Findings

AWS Trusted Advisor now integrates with AWS Security Hub