What is this guide?
As AWS security professionals we are often asked by customers to validate their use of AWS security services and to give tips and tricks on how to use these services and how others use AWS security services. With this guide we have the goal of more broadly sharing this knowledge with the user community and at the same time give the ability for others outside of AWS to contribute.
What you will and won't find here
Simply, we will be covering best practices for configuring AWS security services. This is NOT overall AWS security best practices. This documentation is not simply a numbered list of best practices. Instead this documentation is meant to walk you through what you need to know before deploying an AWS security service to what you should be doing after enablement and through fully operationalizing the service. Often this is done through discussing different use cases and different factors associated with specific use cases that can help in making design decisions. Following this guide you should feel confident that you have the ability configure and use an AWS security service effectively.
Often in this documentation we will be referring back to the full service documentation. Many times in this documentation we will briefly mention some information that provides context into a potential service best practice without explaining a particular feature in complete depth. It is our goal not to replicate the AWS service documentation but instead provide as much detail as possible into different components of a service or feature so that you can effectively use a service. Keep in mind you might need to dive deep into certain pieces of documentation to understand a feature or functionality in it’s entirety.