# 1) AWS Account Safety

Understanding the safety of your account should be your first priority. Below is a recommended checklist you can follow to improve the security of your AWS account. It is based on the official AWS Answer (<https://aws.amazon.com/answers/security/aws-secure-account-setup/>) coupled with the latest security features released by AWS (GuardDuty and Security Hub).

### Identity and Access (IAM) Security Status

AWS provides a best practices checklist for IAM.

<div align="left"><img src="/files/-LoA97g8fCDmaZLxUcn5" alt="Ensure your Security Status is all green ticks"></div>

### Keep your account details up to date

The My Account section in the AWS console is where you can:

* Update the contact details which AWS will use to contact you when there are Billing, Operational and Security notices.
* Define your secret questions so that AWS can validate your identity when you need to contact customer support for help.
* Set up the appropriate AWS support plan to suit the criticality of your service.

<div align="left"><img src="/files/-LoAmWk-ZlXGOFiwPHD4" alt="Go to your My Account"></div>

<div align="left"><img src="/files/-LoAmyk-MPL1YcRP6HhV" alt="Setup Alternate Contacts and Security Challenge Questions"></div>

<div align="left"><img src="/files/-LoFcf60PxGJ24jnc41X" alt="Scroll down to Manage AWS Support Plans"></div>

<div align="left"><img src="/files/-LoAXR1RNaY2qjZBVrRA" alt="Select an appropriate Support Plan"></div>

### Enable GuardDuty

Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. The service automatically scans the following:

* VPC flow logs
* CloudTrail
* DNS requests

If you are in an enterprise environment, you may also wish to forward these to your SIEM (Security Information and Event Management) tool.

By default, GuardDuty does not have any alerting mechanism. InfViz has a CloudFormation script which configures CloudWatch Events and SNS to alert you when GuardDuty detects a suspicious event. (<https://github.com/infviz-io/aws-guardduty-alert>)
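
The wiring described above, written out as a CloudFormation template. This is an example added here, not the InfViz template linked above. It assumes GuardDuty is already enabled in the region; the `AlertEmail` parameter, the resource names and the severity threshold of 4 are choices made for this example.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Example only - email an alert when GuardDuty publishes a finding
Parameters:
  AlertEmail:            # assumed parameter name for this example
    Type: String
    Description: Address that receives GuardDuty alerts
Resources:
  AlertTopic:
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Protocol: email
          Endpoint: !Ref AlertEmail
  # Without this policy the rule matches findings but cannot publish them.
  AlertTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref AlertTopic
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: events.amazonaws.com
            Action: sns:Publish
            Resource: !Ref AlertTopic
  FindingRule:
    Type: AWS::Events::Rule
    Properties:
      Description: Forward GuardDuty findings to the alert topic
      State: ENABLED
      EventPattern:
        source: ['aws.guardduty']
        detail-type: ['GuardDuty Finding']
        detail:
          severity:
            - numeric: ['>=', 4]   # medium and above; remove to alert on every finding
      Targets:
        - Id: guardduty-to-sns
          Arn: !Ref AlertTopic
          InputTransformer:      # turn the raw event JSON into a readable one-line alert
            InputPathsMap:
              severity: '$.detail.severity'
              type: '$.detail.type'
              title: '$.detail.title'
              account: '$.account'
              region: '$.region'
            InputTemplate: '"GuardDuty severity <severity> finding <type> in account <account> (<region>): <title>"'
```

The email subscription has to be confirmed from the message SNS sends before any alert is delivered, and the rule only sees findings from the region the stack is deployed in.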

### Gain centralized visibility with Security Hub

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status. It does this by:

* **Running compliance checks**: AWS Security Hub provides customers with prepackaged compliance standards, such as the CIS AWS Foundations Benchmark.
* **Finding ingestion events**: AWS Security Hub ingests findings from various AWS services and from partner products.

