| 💼 Cost Optimization | 10 | | 3 | | no data |
|  💼 Automating operations | 1 | | | | no data |
|   💼 COST11-BP01 Perform automation for operations | | | | | no data |
|  💼 Decommission resources | 5 | | | | no data |
|   💼 COST04-BP01 Track resources over their lifetime | | | | | no data |
|   💼 COST04-BP02 Implement a decommissioning process | | | | | no data |
|   💼 COST04-BP03 Decommission resources | | | | | no data |
|   💼 COST04-BP04 Decommission resources automatically | | | | | no data |
|   💼 COST04-BP05 Enforce data retention policies | | | | | no data |
|  💼 Define a review process and analyze your workload regularly | 2 | | | | no data |
|   💼 COST10-BP01 Develop a workload review process | | | | | no data |
|   💼 COST10-BP02 Review and analyze this workload regularly | | | | | no data |
|  💼 Evaluate cost when selecting services | 6 | | | | no data |
|   💼 COST05-BP01 Identify organization requirements for cost | | | | | no data |
|   💼 COST05-BP02 Analyze all components of the workload | | | | | no data |
|   💼 COST05-BP03 Perform a thorough analysis of each component | | | | | no data |
|   💼 COST05-BP04 Select software with cost-effective licensing | | | | | no data |
|   💼 COST05-BP05 Select components of this workload to optimize cost in line with organization priorities | | | | | no data |
|   💼 COST05-BP06 Perform cost analysis for different usage over time | | | | | no data |
|  💼 Governance | 6 | | 3 | | no data |
|   💼 COST02-BP01 Develop policies based on your organization requirements | | | | | no data |
|   💼 COST02-BP02 Implement goals and targets | | | | | no data |
|   💼 COST02-BP03 Implement an account structure | | | | | no data |
|   💼 COST02-BP04 Implement groups and roles | | | 3 | | no data |
|   💼 COST02-BP05 Implement cost controls | | | | | no data |
|   💼 COST02-BP06 Track project lifecycle | | | | | no data |
|  💼 Manage demand and supply resources | 3 | | | | no data |
|   💼 COST09-BP01 Perform an analysis on the workload demand | | | | | no data |
|   💼 COST09-BP02 Implement a buffer or throttle to manage demand | | | | | no data |
|   💼 COST09-BP03 Supply resources dynamically | | | | | no data |
|  💼 Monitor cost and usage | 6 | | | | no data |
|   💼 COST03-BP01 Configure detailed information sources | | | | | no data |
|   💼 COST03-BP02 Add organization information to cost and usage | | | | | no data |
|   💼 COST03-BP03 Identify cost attribution categories | | | | | no data |
|   💼 COST03-BP04 Establish organization metrics | | | | | no data |
|   💼 COST03-BP05 Configure billing and cost management tools | | | | | no data |
|   💼 COST03-BP06 Allocate costs based on workload metrics | | | | | no data |
|  💼 Plan for data transfer | 3 | | | | no data |
|   💼 COST08-BP01 Perform data transfer modeling | | | | | no data |
|   💼 COST08-BP02 Select components to optimize data transfer cost | | | | | no data |
|   💼 COST08-BP03 Implement services to reduce data transfer costs | | | | | no data |
|  💼 Select the best pricing model | 5 | | | | no data |
|   💼 COST07-BP01 Perform pricing model analysis | | | | | no data |
|   💼 COST07-BP02 Choose Regions based on cost | | | | | no data |
|   💼 COST07-BP03 Select third-party agreements with cost-efficient terms | | | | | no data |
|   💼 COST07-BP04 Implement pricing models for all components of this workload | | | | | no data |
|   💼 COST07-BP05 Perform pricing model analysis at the management account level | | | | | no data |
|  💼 Select the correct resource type, size, and number | 4 | | | | no data |
|   💼 COST06-BP01 Perform cost modeling | | | | | no data |
|   💼 COST06-BP02 Select resource type, size, and number based on data | | | | | no data |
|   💼 COST06-BP03 Select resource type, size, and number automatically based on metrics | | | | | no data |
|   💼 COST06-BP04 Consider using shared resources | | | | | no data |
| 💼 Operational Excellence | 11 | | 5 | | no data |
|  💼 Design for operations | 10 | | 4 | | no data |
|   💼 OPS05-BP01 Use version control | | | | | no data |
|   💼 OPS05-BP02 Test and validate changes | | | | | no data |
|   💼 OPS05-BP03 Use configuration management systems | | | | | no data |
|   💼 OPS05-BP04 Use build and deployment management systems | | | | | no data |
|   💼 OPS05-BP05 Perform patch management | | | 4 | | no data |
|   💼 OPS05-BP06 Share design standards | | | | | no data |
|   💼 OPS05-BP07 Implement practices to improve code quality | | | | | no data |
|   💼 OPS05-BP08 Use multiple environment | | | | | no data |
|   💼 OPS05-BP09 Make frequent, small, reversible changes | | | | | no data |
|   💼 OPS05-BP10 Fully automate integration and deployment | | | | | no data |
|  💼 Implement observability | 5 | | 1 | | no data |
|   💼 OPS04-BP01 Identify key performance indicators | | | | | no data |
|   💼 OPS04-BP02 Implement application telemetry | | | | | no data |
|   💼 OPS04-BP03 Implement user experience telemetry | | | | | no data |
|   💼 OPS04-BP04 Implement dependency telemetry | | | | | no data |
|   💼 OPS04-BP05 Implement distributed tracing | | | 1 | | no data |
|  💼 Learn, share, and improve | 9 | | | | no data |
|   💼 OPS11-BP01 Have a process for continuous improvement | | | | | no data |
|   💼 OPS11-BP02 Perform post-incident analysis | | | | | no data |
|   💼 OPS11-BP03 Implement feedback loops | | | | | no data |
|   💼 OPS11-BP04 Perform knowledge management | | | | | no data |
|   💼 OPS11-BP05 Define drivers for improvement | | | | | no data |
|   💼 OPS11-BP06 Validate insights | | | | | no data |
|   💼 OPS11-BP07 Perform operations metrics reviews | | | | | no data |
|   💼 OPS11-BP08 Document and share lessons learned | | | | | no data |
|   💼 OPS11-BP09 Allocate time to make improvements | | | | | no data |
|  💼 Mitigate deployment risks | 4 | | | | no data |
|   💼 OPS06-BP01 Plan for unsuccessful changes | | | | | no data |
|   💼 OPS06-BP02 Test deployments | | | | | no data |
|   💼 OPS06-BP03 Employ safe deployment strategies | | | | | no data |
|   💼 OPS06-BP04 Automate testing and rollback | | | | | no data |
|  💼 Operating model | 6 | | | | no data |
|   💼 OPS02-BP01 Resources have identified owners | | | | | no data |
|   💼 OPS02-BP02 Processes and procedures have identified owners | | | | | no data |
|   💼 OPS02-BP03 Operations activities have identified owners responsible for their performance | | | | | no data |
|   💼 OPS02-BP04 Mechanisms exist to manage responsibilities and ownership | | | | | no data |
|   💼 OPS02-BP05 Mechanisms exist to request additions, changes, and exceptions | | | | | no data |
|   💼 OPS02-BP06 Responsibilities between teams are predefined or negotiated | | | | | no data |
|  💼 Operational readiness and change management | 6 | | | | no data |
|   💼 OPS07-BP01 Ensure personnel capability | | | | | no data |
|   💼 OPS07-BP02 Ensure a consistent review of operational readiness | | | | | no data |
|   💼 OPS07-BP03 Use runbooks to perform procedures | | | | | no data |
|   💼 OPS07-BP04 Use playbooks to investigate issues | | | | | no data |
|   💼 OPS07-BP05 Make informed decisions to deploy systems and changes | | | | | no data |
|   💼 OPS07-BP06 Create support plans for production workloads | | | | | no data |
|  💼 Organization priorities | 6 | | | | no data |
|   💼 OPS01-BP01 Evaluate external customer needs | | | | | no data |
|   💼 OPS01-BP02 Evaluate internal customer needs | | | | | no data |
|   💼 OPS01-BP03 Evaluate governance requirements | | | | | no data |
|   💼 OPS01-BP04 Evaluate compliance requirements | | | | | no data |
|   💼 OPS01-BP05 Evaluate threat landscape | | | | | no data |
|   💼 OPS01-BP06 Evaluate tradeoffs while managing benefits and risks | | | | | no data |
|  💼 Organizational culture | 7 | | | | no data |
|   💼 OPS03-BP01 Provide executive sponsorship | | | | | no data |
|   💼 OPS03-BP02 Team members are empowered to take action when outcomes are at risk | | | | | no data |
|   💼 OPS03-BP03 Escalation is encouraged | | | | | no data |
|   💼 OPS03-BP04 Communications are timely, clear, and actionable | | | | | no data |
|   💼 OPS03-BP05 Experimentation is encouraged | | | | | no data |
|   💼 OPS03-BP06 Team members are encouraged to maintain and grow their skill sets | | | | | no data |
|   💼 OPS03-BP07 Resource teams appropriately | | | | | no data |
|  💼 Responding to events | 7 | | | | no data |
|   💼 OPS10-BP01 Use a process for event, incident, and problem management | | | | | no data |
|   💼 OPS10-BP02 Have a process per alert | | | | | no data |
|   💼 OPS10-BP03 Prioritize operational events based on business impact | | | | | no data |
|   💼 OPS10-BP04 Define escalation paths | | | | | no data |
|   💼 OPS10-BP05 Define a customer communication plan for service-impacting events | | | | | no data |
|   💼 OPS10-BP06 Communicate status through dashboards | | | | | no data |
|   💼 OPS10-BP07 Automate responses to events | | | | | no data |
|  💼 Understanding operational health | 3 | | 1 | | no data |
|   💼 OPS09-BP01 Measure operations goals and KPIs with metrics | | | | | no data |
|   💼 OPS09-BP02 Communicate status and trends to ensure visibility into operation | | | 1 | | no data |
|   💼 OPS09-BP03 Review operations metrics and prioritize improvement | | | | | no data |
|  💼 Utilizing workload observability | 5 | | | | no data |
|   💼 OPS08-BP01 Analyze workload metrics | | | | | no data |
|   💼 OPS08-BP02 Analyze workload logs | | | | | no data |
|   💼 OPS08-BP03 Analyze workload traces | | | | | no data |
|   💼 OPS08-BP04 Create actionable alerts | | | | | no data |
|   💼 OPS08-BP05 Create dashboards | | | | | no data |
| 💼 Performance Efficiency | 5 | | 3 | | no data |
|  💼 Architecture selection | 7 | | | | no data |
|   💼 PERF01-BP01 Learn about and understand available cloud services and features | | | | | no data |
|   💼 PERF01-BP02 Use guidance from your cloud provider or an appropriate partner to learn about architecture patterns and best practices | | | | | no data |
|   💼 PERF01-BP03 Factor cost into architectural decisions | | | | | no data |
|   💼 PERF01-BP04 Evaluate how trade-offs impact customers and architecture efficiency | | | | | no data |
|   💼 PERF01-BP05 Use policies and reference architectures | | | | | no data |
|   💼 PERF01-BP06 Use benchmarking to drive architectural decisions | | | | | no data |
|   💼 PERF01-BP07 Use a data-driven approach for architectural choices | | | | | no data |
|  💼 Compute and hardware | 6 | | | | no data |
|   💼 PERF02-BP01 Select the best compute options for your workload | | | | | no data |
|   💼 PERF02-BP02 Understand the available compute configuration and features | | | | | no data |
|   💼 PERF02-BP03 Collect compute-related metrics | | | | | no data |
|   💼 PERF02-BP04 Configure and right-size compute resources | | | | | no data |
|   💼 PERF02-BP05 Scale your compute resources dynamically | | | | | no data |
|   💼 PERF02-BP06 Use optimized hardware-based compute accelerators | | | | | no data |
|  💼 Data management | 4 | | | | no data |
|   💼 PERF03-BP01 Use a purpose-built data store that best supports your data access and storage requirements | | | | | no data |
|   💼 PERF03-BP02 Evaluate available configuration options for data store | | | | | no data |
|   💼 PERF03-BP03 Collect and record data store performance metrics | | | | | no data |
|   💼 PERF03-BP04 Implement strategies to improve query performance in data store | | | | | no data |
|  💼 Networking and content delivery | 7 | | 3 | | no data |
|   💼 PERF04-BP01 Understand how networking impacts performance | | | | | no data |
|   💼 PERF04-BP02 Evaluate available networking features | | | | | no data |
|   💼 PERF04-BP03 Choose appropriate dedicated connectivity or VPN for your workload | | | | | no data |
|   💼 PERF04-BP04 Use load balancing to distribute traffic across multiple resources | | | 3 | | no data |
|   💼 PERF04-BP05 Choose network protocols to improve performance | | | | | no data |
|   💼 PERF04-BP06 Choose your workload's location based on network requirements | | | | | no data |
|   💼 PERF04-BP07 Optimize network configuration based on metrics | | | | | no data |
|  💼 Process and culture | 7 | | | | no data |
|   💼 PERF05-BP01 Establish key performance indicators (KPIs) to measure workload health and performance | | | | | no data |
|   💼 PERF05-BP02 Use monitoring solutions to understand the areas where performance is most critical | | | | | no data |
|   💼 PERF05-BP03 Define a process to improve workload performance | | | | | no data |
|   💼 PERF05-BP04 Load test your workload | | | | | no data |
|   💼 PERF05-BP05 Use automation to proactively remediate performance-related issues | | | | | no data |
|   💼 PERF05-BP06 Keep your workload and services up-to-date | | | | | no data |
|   💼 PERF05-BP07 Review metrics at regular intervals | | | | | no data |
| 💼 Reliability | 13 | | 10 | | no data |
|  💼 Back up data | 4 | | 4 | | no data |
|   💼 REL09-BP01 Identify and back up all data that needs to be backed up, or reproduce the data from sources | | | 2 | | no data |
|   💼 REL09-BP02 Secure and encrypt backups | | | 1 | | no data |
|   💼 REL09-BP03 Perform data backup automatically | | | 3 | | no data |
|   💼 REL09-BP04 Perform periodic recovery of the data to verify backup integrity and processes | | | | | no data |
|  💼 Design interactions in a distributed system to mitigate or withstand failures | 7 | | | | no data |
|   💼 REL05-BP01 Implement graceful degradation to transform applicable hard dependencies into soft dependencies | | | | | no data |
|   💼 REL05-BP02 Throttle requests | | | | | no data |
|   💼 REL05-BP03 Control and limit retry calls | | | | | no data |
|   💼 REL05-BP04 Fail fast and limit queues | | | | | no data |
|   💼 REL05-BP05 Set client timeouts | | | | | no data |
|   💼 REL05-BP06 Make systems stateless where possible | | | | | no data |
|   💼 REL05-BP07 Implement emergency levers | | | | | no data |
|  💼 Design interactions in a distributed system to prevent failures | 4 | | | | no data |
|   💼 REL04-BP01 Identify the kind of distributed systems you depend on | | | | | no data |
|   💼 REL04-BP02 Implement loosely coupled dependencies | | | | | no data |
|   💼 REL04-BP03 Do constant work | | | | | no data |
|   💼 REL04-BP04 Make mutating operations idempotent | | | | | no data |
|  💼 Design your workload service architecture | 3 | | | | no data |
|   💼 REL03-BP01 Choose how to segment your workload | | | | | no data |
|   💼 REL03-BP02 Build services focused on specific business domains and functionality | | | | | no data |
|   💼 REL03-BP03 Provide service contracts per API | | | | | no data |
|  💼 Design your workload to adapt to changes in demand | 4 | | 3 | | no data |
|   💼 REL07-BP01 Use automation when obtaining or scaling resources | | | | | no data |
|   💼 REL07-BP02 Obtain resources upon detection of impairment to a workload | | | 3 | | no data |
|   💼 REL07-BP03 Obtain resources upon detection that more resources are needed for a workload | | | | | no data |
|   💼 REL07-BP04 Load test your workload | | | | | no data |
|  💼 Design your workload to withstand component failures | 7 | | 5 | | no data |
|   💼 REL11-BP01 Monitor all components of the workload to detect failures | | | 2 | | no data |
|   💼 REL11-BP02 Fail over to healthy resources | | | 1 | | no data |
|   💼 REL11-BP03 Automate healing on all layers | | | 3 | | no data |
|   💼 REL11-BP04 Rely on the data plane and not the control plane during recovery | | | | | no data |
|   💼 REL11-BP05 Use static stability to prevent bimodal behavior | | | | | no data |
|   💼 REL11-BP06 Send notifications when events impact availability | | | 1 | | no data |
|   💼 REL11-BP07 Architect your product to meet availability targets and uptime service level agreements (SLAs) | | | | | no data |
|  💼 Implement change | 5 | | | | no data |
|   💼 REL08-BP01 Use runbooks for standard activities such as deployment | | | | | no data |
|   💼 REL08-BP02 Integrate functional testing as part of your deployment | | | | | no data |
|   💼 REL08-BP03 Integrate resiliency testing as part of your deployment | | | | | no data |
|   💼 REL08-BP04 Deploy using immutable infrastructure | | | | | no data |
|   💼 REL08-BP05 Deploy changes with automation | | | | | no data |
|  💼 Manage service quotas and constraints | 6 | | | | no data |
|   💼 REL01-BP01 Aware of service quotas and constraints | | | | | no data |
|   💼 REL01-BP02 Manage service quotas across accounts and regions | | | | | no data |
|   💼 REL01-BP03 Accommodate fixed service quotas and constraints through architecture | | | | | no data |
|   💼 REL01-BP04 Monitor and manage quotas | | | | | no data |
|   💼 REL01-BP05 Automate quota management | | | | | no data |
|   💼 REL01-BP06 Ensure that a sufficient gap exists between the current quotas and the maximum usage to accommodate failover | | | | | no data |
|  💼 Monitor workload resources | 7 | | 3 | | no data |
|   💼 REL06-BP01 Monitor all components for the workload (Generation) | | | | | no data |
|   💼 REL06-BP02 Define and calculate metrics (Aggregation) | | | | | no data |
|   💼 REL06-BP03 Send notifications (Real-time processing and alarming) | | | | | no data |
|   💼 REL06-BP04 Automate responses (Real-time processing and alarming) | | | 3 | | no data |
|   💼 REL06-BP05 Analyze logs | | | | | no data |
|   💼 REL06-BP06 Regularly review monitoring scope and metrics | | | | | no data |
|   💼 REL06-BP07 Monitor end-to-end tracing of requests through your system | | | | | no data |
|  💼 Plan for Disaster Recovery (DR) | 5 | | 2 | | no data |
|   💼 REL13-BP01 Define recovery objectives for downtime and data loss | | | | | no data |
|   💼 REL13-BP02 Use defined recovery strategies to meet the recovery objectives | | | | | no data |
|   💼 REL13-BP03 Test disaster recovery implementation to validate the implementation | | | | | no data |
|   💼 REL13-BP04 Manage configuration drift at the DR site or Region | | | | | no data |
|   💼 REL13-BP05 Automate recovery | | | 2 | | no data |
|  💼 Plan your network topology | 5 | | | | no data |
|   💼 REL02-BP01 Use highly available network connectivity for your workload public endpoints | | | | | no data |
|   💼 REL02-BP02 Provision redundant connectivity between private networks in the cloud and on-premises environments | | | | | no data |
|   💼 REL02-BP03 Ensure IP subnet allocation accounts for expansion and availability | | | | | no data |
|   💼 REL02-BP04 Prefer hub-and-spoke topologies over many-to-many mesh | | | | | no data |
|   💼 REL02-BP05 Enforce non-overlapping private IP address ranges in all private address spaces where they are connected | | | | | no data |
|  💼 Test reliability | 5 | | | | no data |
|   💼 REL12-BP01 Use playbooks to investigate failures | | | | | no data |
|   💼 REL12-BP02 Perform post-incident analysis | | | | | no data |
|   💼 REL12-BP03 Test scalability and performance requirements | | | | | no data |
|   💼 REL12-BP04 Test resiliency using chaos engineering | | | | | no data |
|   💼 REL12-BP05 Conduct game days regularly | | | | | no data |
|  💼 Use fault isolation to protect your workload | 3 | | | | no data |
|   💼 REL10-BP01 Deploy the workload to multiple locations | | | | | no data |
|   💼 REL10-BP02 Automate recovery for components constrained to a single location | | | | | no data |
|   💼 REL10-BP03 Use bulkhead architectures to limit scope of impact | | | | | no data |
| 💼 Security | 12 | | 42 | | no data |
|  💼 Application Security | 8 | | | | no data |
|   💼 SEC11-BP01 Train for application security | | | | | no data |
|   💼 SEC11-BP02 Automate testing throughout the development and release lifecycle | | | | | no data |
|   💼 SEC11-BP03 Perform regular penetration testing | | | | | no data |
|   💼 SEC11-BP04 Conduct code reviews | | | | | no data |
|   💼 SEC11-BP05 Centralize services for packages and dependencies | | | | | no data |
|   💼 SEC11-BP06 Deploy software programmatically | | | | | no data |
|   💼 SEC11-BP07 Regularly assess security properties of the pipelines | | | | | no data |
|   💼 SEC11-BP08 Build a program that embeds security ownership in workload teams | | | | | no data |
|  💼 Data Classification | 4 | | | | no data |
|   💼 SEC07-BP01 Understand your data classification scheme | | | | | no data |
|   💼 SEC07-BP02 Apply data protection controls based on data sensitivity | | | | | no data |
|   💼 SEC07-BP03 Automate identification and classification | | | | | no data |
|   💼 SEC07-BP04 Define scalable data lifecycle management | | | | | no data |
|  💼 Detection | 4 | | 2 | | no data |
|   💼 SEC04-BP01 Configure service and application logging | | | | | no data |
|   💼 SEC04-BP02 Capture logs, findings, and metrics in standardized locations | | | | | no data |
|   💼 SEC04-BP03 Correlate and enrich security alerts | | | 2 | | no data |
|   💼 SEC04-BP04 Initiate remediation for non-compliant resources | | | 2 | | no data |
|  💼 Identity management | 6 | | 4 | | no data |
|   💼 SEC02-BP01 Use strong sign-in mechanisms | | | 3 | | no data |
|   💼 SEC02-BP02 Use temporary credentials | | | | | no data |
|   💼 SEC02-BP03 Store and use secrets securely | | | 1 | | no data |
|   💼 SEC02-BP04 Rely on a centralized identity provider | | | | | no data |
|   💼 SEC02-BP05 Audit and rotate credentials periodically | | | | | no data |
|   💼 SEC02-BP06 Employ user groups and attributes | | | | | no data |
|  💼 Operating your workloads securely | 8 | | 1 | | no data |
|   💼 SEC01-BP01 Separate workloads using accounts | | | | | no data |
|   💼 SEC01-BP02 Secure account root user and properties | | | 1 | | no data |
|   💼 SEC01-BP03 Identify and validate control objectives | | | | | no data |
|   💼 SEC01-BP04 Stay up to date with security threats and recommendations | | | | | no data |
|   💼 SEC01-BP05 Reduce security management scope | | | | | no data |
|   💼 SEC01-BP06 Automate deployment of standard security controls | | | | | no data |
|   💼 SEC01-BP07 Identify threats and prioritize mitigations using a threat model | | | | | no data |
|   💼 SEC01-BP08 Evaluate and implement new security services and features regularly | | | | | no data |
|  💼 Permissions management | 9 | | 1 | | no data |
|   💼 SEC03-BP01 Define access requirements | | | 1 | | no data |
|   💼 SEC03-BP02 Grant least privilege access | | | | | no data |
|   💼 SEC03-BP03 Establish emergency access process | | | | | no data |
|   💼 SEC03-BP04 Reduce permissions continuously | | | | | no data |
|   💼 SEC03-BP05 Define permission guardrails for your organization | | | | | no data |
|   💼 SEC03-BP06 Manage access based on lifecycle | | | | | no data |
|   💼 SEC03-BP07 Analyze public and cross-account access | | | | | no data |
|   💼 SEC03-BP08 Share resources securely within your organization | | | | | no data |
|   💼 SEC03-BP09 Share resources securely with a third party | | | | | no data |
|  💼 Preparation | 8 | | 1 | | no data |
|   💼 SEC10-BP01 Identify key personnel and external resources | | | | | no data |
|   💼 SEC10-BP02 Develop incident management plans | | | | | no data |
|   💼 SEC10-BP03 Prepare forensic capabilities | | | | | no data |
|   💼 SEC10-BP04 Develop and test security incident response playbooks | | | | | no data |
|   💼 SEC10-BP05 Pre-provision access | | | 1 | | no data |
|   💼 SEC10-BP06 Pre-deploy tools | | | | | no data |
|   💼 SEC10-BP07 Run simulations | | | | | no data |
|   💼 SEC10-BP08 Establish a framework for learning from incidents | | | | | no data |
|  💼 Protecting Compute | 5 | | 2 | | no data |
|   💼 SEC06-BP01 Perform vulnerability management | | | 2 | | no data |
|   💼 SEC06-BP02 Provision compute from hardened images | | | | | no data |
|   💼 SEC06-BP03 Reduce manual management and interactive access | | | | | no data |
|   💼 SEC06-BP04 Validate software integrity | | | | | no data |
|   💼 SEC06-BP05 Automate compute protection | | | | | no data |
|  💼 Protecting Data at Rest | 4 | | 26 | | no data |
|   💼 SEC08-BP01 Implement secure key management | | | 2 | | no data |
|   💼 SEC08-BP02 Enforce encryption at rest | | | 17 | | no data |
|   💼 SEC08-BP03 Automate data at rest protection | | | 2 | | no data |
|   💼 SEC08-BP04 Enforce access control | | | 7 | | no data |
|  💼 Protecting Data in Transit | 3 | | 5 | | no data |
|   💼 SEC09-BP01 Implement secure key and certificate management | | | 2 | | no data |
|   💼 SEC09-BP02 Enforce encryption in transit | | | | | no data |
|   💼 SEC09-BP03 Authenticate network communications | | | 3 | | no data |
|  💼 Protecting Networks | 4 | | 3 | | no data |
|   💼 SEC05-BP01 Create network layers | | | | | no data |
|   💼 SEC05-BP02 Control traffic flow within your network layers | | | | | no data |
|   💼 SEC05-BP03 Implement inspection-based protection | | | 3 | | no data |
|   💼 SEC05-BP04 Automate network protection | | | 1 | | no data |
|  💼 Security Foundations | | | | | no data |
| 💼 Sustainability | 6 | | 4 | | no data |
|  💼 Alignment to demand | 6 | | 2 | | no data |
|   💼 SUS02-BP01 Scale workload infrastructure dynamically | | | 2 | | no data |
|   💼 SUS02-BP02 Align SLAs with sustainability goals | | | | | no data |
|   💼 SUS02-BP03 Stop the creation and maintenance of unused assets | | | | | no data |
|   💼 SUS02-BP04 Optimize geographic placement of workloads based on their networking requirements | | | | | no data |
|   💼 SUS02-BP05 Optimize team member resources for activities performed | | | | | no data |
|   💼 SUS02-BP06 Implement buffering or throttling to flatten the demand curve | | | | | no data |
|  💼 Data management | 8 | | 2 | | no data |
|   💼 SUS04-BP01 Implement a data classification policy | | | | | no data |
|   💼 SUS04-BP02 Use technologies that support data access and storage patterns | | | | | no data |
|   💼 SUS04-BP03 Use policies to manage the lifecycle of your datasets | | | 2 | | no data |
|   💼 SUS04-BP04 Use elasticity and automation to expand block storage or file system | | | | | no data |
|   💼 SUS04-BP05 Remove unneeded or redundant data | | | | | no data |
|   💼 SUS04-BP06 Use shared file systems or storage to access common data | | | | | no data |
|   💼 SUS04-BP07 Minimize data movement across networks | | | | | no data |
|   💼 SUS04-BP08 Back up data only when difficult to recreate | | | | | no data |
|  💼 Hardware and services | 4 | | | | no data |
|   💼 SUS05-BP01 Use the minimum amount of hardware to meet your needs | | | | | no data |
|   💼 SUS05-BP02 Use instance types with the least impact | | | | | no data |
|   💼 SUS05-BP03 Use managed services | | | | | no data |
|   💼 SUS05-BP04 Optimize your use of hardware-based compute accelerators | | | | | no data |
|  💼 Process and culture | 5 | | | | no data |
|   💼 SUS06-BP01 Communicate and cascade your sustainability goals | | | | | no data |
|   💼 SUS06-BP02 Adopt methods that can rapidly introduce sustainability improvements | | | | | no data |
|   💼 SUS06-BP03 Keep your workload up-to-date | | | | | no data |
|   💼 SUS06-BP04 Increase utilization of build environments | | | | | no data |
|   💼 SUS06-BP05 Use managed device farms for testing | | | | | no data |
|  💼 Region selection | 1 | | | | no data |
|   💼 SUS01-BP01 Choose Region based on both business requirements and sustainability goals | | | | | no data |
|  💼 Software and architecture | 5 | | | | no data |
|   💼 SUS03-BP01 Optimize software and architecture for asynchronous and scheduled jobs | | | | | no data |
|   💼 SUS03-BP02 Remove or refactor workload components with low or no use | | | | | no data |
|   💼 SUS03-BP03 Optimize areas of code that consume the most time or resources | | | | | no data |
|   💼 SUS03-BP04 Optimize impact on devices and equipment | | | | | no data |
|   💼 SUS03-BP05 Use software patterns and architectures that best support data access and storage patterns | | | | | no data |