Security and identity services are sub-divided into different tools that allow ease of identity management and secure our applications. Examples include the following service offerings:

• Amazon Identity and Access Management (IAM): This allows user and system access management by assigning policies to users, groups and roles from within the account. It also offers features to allow for the integrated management, and federation of access from other AWS accounts and other directories.
• Amazon Key Management Service (KMS): A managed service on AWS that allows users to easily manage the encryption keys being used in their AWS environment. It allows access in a programmatic manner to give developers the ability to automate the delivery of encryption credentials to applications running in AWS.
• Amazon Cloud Hardware Security Module (CloudHSM): A cloud-enabled hardware security device that allows for the complete control of the encryption of data within applications running on AWS.
• Amazon Inspector: Allows a security assessment of applications running in AWS. Delivers a prioritized list of vulnerabilities and misconfigurations that allow developers and architects to design their application and the AWS services it depends on to the highest security standard and achieve compliance.

• Amazon Web Application Firewall (WAF): Protects your web applications from external attacks using exploits and security vulnerabilities. WAF gives you complete control and visibility over the traffic being sent to your web instances and allows granular security policies to be designed to keep your web application secure and to prevent the overuse of resources due to malicious activity from the internet.