1. Access Management
Using this feature, you can assign specific roles and permissions to users or groups to access all AWS resources. These resources are:
- Amazon Elastic Compute Cloud
- Amazon Relational Database Service
- Amazon Virtual Private Cloud Security
You can assign each user a different AWS account and unique login credentials to access AWS services and resources. With Identity and Access Management Multi-Factor Authentication, users who are trying to access AWS resources must enter the login details. This helps strengthen the security of cloud data.
2. Amazon Virtual Private Cloud Security
Amazon VPC Security gives you complete control over all internal and external network traffic. You can use Amazon VPC to secure your application through restricted access to and from the Internet. You can also connect your on-premises servers to your cloud-based VPC without involving any public networks.
3. Amazon Relational Database Service Security
Amazon RDS Security helps you set up a relational database to scale and store data as needed. You must explicitly grant each user individual access to the different parts of your databases. For advanced control, you can operate your database instance in a Virtual Private Cloud.
4. Network Access Control List
Using AWS security, you can create firewall rules to control incoming or outgoing traffic by:
- TCP protocol
- UDP protocol
- ICMP protocol
- IP address
- Ports
A network ACL can help you prevent DDoS attacks and blacklist traffic from specific IP addresses.
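How rule order decides whether a blocked address is actually blocked, as an added example that is not part of the original article: a simplified Python model of inbound network ACL evaluation (lowest rule number first, first match wins, implicit final deny). The `Rule` class, the `evaluate` function and the sample rules are hypothetical, and the addresses are constructed from documentation ranges.

```python
"""Added example: simplified model of how a VPC network ACL evaluates inbound traffic."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    number: int      # lower numbers are evaluated first
    protocol: str    # "tcp", "udp", "icmp" or "all"
    cidr: str        # source CIDR for an inbound rule
    ports: tuple     # (low, high) destination ports; only checked for tcp/udp rules
    action: str      # "allow" or "deny"


def evaluate(rules, protocol, src_ip, dst_port=None):
    """Return (action, rule_number) for the first matching rule.

    If nothing matches, the implicit final "*" rule denies the packet.
    """
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.protocol not in ("all", protocol):
            continue
        if src not in ipaddress.ip_network(rule.cidr):
            continue
        if rule.protocol in ("tcp", "udp"):
            low, high = rule.ports
            if dst_port is None or not low <= dst_port <= high:
                continue
        return rule.action, rule.number
    return "deny", "*"


# Constructed sample ACL (documentation address ranges, not real hosts).
INBOUND = [
    Rule(90, "all", "203.0.113.7/32", (0, 65535), "deny"),    # blocked source
    Rule(100, "tcp", "0.0.0.0/0", (443, 443), "allow"),       # HTTPS from anywhere
    Rule(110, "tcp", "198.51.100.0/24", (22, 22), "allow"),   # SSH from one range
    Rule(120, "icmp", "198.51.100.0/24", (0, 0), "allow"),    # ICMP from one range
]

# Same policy with the deny numbered after the allow: the block never takes effect.
MISORDERED = [Rule(200, "all", "203.0.113.7/32", (0, 65535), "deny")] + INBOUND[1:]

if __name__ == "__main__":
    for name, acl in (("INBOUND", INBOUND), ("MISORDERED", MISORDERED)):
        print(name, evaluate(acl, "tcp", "203.0.113.7", 443))
```

When reviewing a real network ACL, check that every deny entry for a blocked address has a lower rule number than any allow entry that would also match it.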
5. Data Encryption
AWS provides unmatched data encryption. When you create an encrypted EBS volume and store it in the database, data is automatically encrypted.
Amazon Cloud Computing Services encrypt each data object with a unique key that is generated using the 256-bit Advanced Encryption Standard. On the other hand, RDS generates an SSL certificate for each DB Instance.
6. Amazon Simple Storage Service
Amazon S3 Security creates relevant Identity and Access Management processes to enable easy access to data within the Amazon Simple Storage Service bucket. As a user, you can select your own encryption process or one that is provided by Amazon S3 Security.
7. AWS Snowball Security
The AWS Snowball security method enables easy and quick transfer of large amounts of data to S3, EBS, or Glacier storage. It is mostly used by organizations that need to transfer over 100 GB of data and have slow connection speeds.
8. Direct Connect
AWS Direct Connect helps organizations build a private virtual interface between their on-premises network and Amazon Virtual Private Cloud. Direct Connect offers a secured, private, high-bandwidth network connection to ensure 100% protection and greater security of data.
9. AWS CloudTrail
AWS CloudTrail gives you a track record of all API calls made against your account resources. It also records API calls made via the AWS Management Console, Software Developer Client, and command-line tools.
10. AWS Trusted Advisor
It identifies your AWS environment and provides valid suggestions for saving money, improving the system's performance and reliability, or bridging security gaps.
Even without a premium subscription, it can warn you about security threats and potential weaknesses. It provides a highly effective summary of your overall Amazon Cloud Services.