๐ผ Protecting Compute
- ID:
/frameworks/aws-well-architected/sec/06
Descriptionโ
Compute resources include EC2 instances, containers, AWS Lambda functions, database services, IoT devices, and more. Each of these compute resource types require different approaches to secure them. However, they do share common strategies that you need to consider: defense in depth, vulnerability management, reduction in attack surface, automation of configuration and operation, and performing actions at a distance. In this section, you will find general guidance for protecting your compute resources for key services. For each AWS service used, itโs important for you to check the specific security recommendations in the service documentation.
Similarโ
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| ๐ผ SEC06-BP01 Perform vulnerability management | no data | ||||
| ๐ผ SEC06-BP02 Provision compute from hardened images | no data | ||||
| ๐ผ SEC06-BP03 Reduce manual management and interactive access | no data | ||||
| ๐ผ SEC06-BP04 Validate software integrity | no data | ||||
| ๐ผ SEC06-BP05 Automate compute protection | no data |