β Repository β πΌ AWS Well-Architected β πΌ Security β πΌ Infrastructure protection
πΌ Protecting Compute
- ID:
/frameworks/aws-well-architected/security/infrastructure-protection/sec06
Descriptionβ
Compute resources include EC2 instances, containers, AWS Lambda functions, database services, IoT devices, and more. Each of these compute resource types require different approaches to secure them. However, they do share common strategies that you need to consider: defense in depth, vulnerability management, reduction in attack surface, automation of configuration and operation, and performing actions at a distance. In this section, you will find general guidance for protecting your compute resources for key services. For each AWS service used, itβs important for you to check the specific security recommendations in the service documentation.
Similarβ
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| πΌ SEC06-BP01 Perform vulnerability management | no data | ||||
| πΌ SEC06-BP02 Provision compute from hardened images | no data | ||||
| πΌ SEC06-BP03 Reduce manual management and interactive access | no data | ||||
| πΌ SEC06-BP04 Validate software integrity | no data | ||||
| πΌ SEC06-BP05 Automate compute protection | no data |