This is the checklist we run against every AWS account we take over — distilled from two decades of cloud, DevOps and SecOps engineering, and extended with the AI-assisted operations practices we now consider baseline. Work through it section by section; your progress is saved in your browser, so you can audit an account across several sessions. Tick nothing you have not verified in the console or via the CLI.

0 / 0 verified

Account Foundation

Identity & Access Management

Compute (EC2)

Storage & Data

Load Balancing (ALB / ELB)

OS Hardening

Databases (RDS)

Networking & Edge

SecOps & Monitoring

Governance

Encryption & Key Management (KMS)

Encryption in Transit (TLS)

AI-Assisted Operations

A printable spreadsheet version of this checklist is part of our Service Catalog documents. If you would rather have us run the audit — we have been doing exactly this for twenty years, and our AI tooling now does the boring half — start a project.