Secure Amazon Aurora clusters in HIPAA-compliant workloads
Blog
This article discusses how to secure Amazon Aurora PostgreSQL or MySQL clusters that handle sensitive HIPAA-compliant workloads requiring a high level of security.
Specifically, the article covers:
- Preventative controls like encryption at rest, forcing TLS connections, using TLS 1.3, limiting cipher suites, and selecting secure certificate authorities
- Detective controls like using CloudWatch metrics, logs, alarms, and SNS notifications to detect security issues like unencrypted connections
- Responsive controls like evaluating new cipher suites, preventing deployment if unencrypted connections are allowed, and monitoring for updated TLS cipher lists
- Conclusion that security is an ongoing effort requiring vigilance against emerging threats
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.