AWS Security & Operations Checklist
This is the checklist we run against every AWS account we take over — distilled from two decades of cloud, DevOps and SecOps engineering, and extended with the AI-assisted operations practices we now consider baseline. Work through it section by section; your progress is saved in your browser, so you can audit an account across several sessions. Tick nothing you have not verified in the console or via the CLI.
Account Foundation
Identity & Access Management
Compute (EC2)
Storage & Data
Load Balancing (ALB / ELB)
OS Hardening
Databases (RDS)
Networking & Edge
SecOps & Monitoring
Governance
Encryption & Key Management (KMS)
Encryption in Transit (TLS)
AI-Assisted Operations
A printable spreadsheet version of this checklist is part of our Service Catalog documents. If you would rather have us run the audit — we have been doing exactly this for twenty years, and our AI tooling now does the boring half — start a project.