Revamping AWS Cloud Infrastructure through Well-Architected Review and Remediation for EdTech

Solutions

• Implemented Multifactor Authentication (MFA) for both the AWS Root account and IAM users, enhancing security through an additional layer of verification. 
• Implement the AWS Single Sign-On (SSO) to streamline access management, providing a unified login for multiple AWS accounts and applications, and simplifying user authentication. 
• Implemented AWS Systems Manager for centralized operational data and automated tasks across AWS resources, facilitating remote patching activities for improved availability. 
• Configured the Amazon CloudWatch logs and metrics for monitoring the web application, ensuring proactive identification and response to performance issues. 
• Advised the deletion of unwanted or underutilized servers and snapshots for cost optimization, aligning resources with actual needs. 
• Enabled termination protection on all running servers in the AWS account to prevent accidental termination and ensure operational continuity. 
• Implemented encryption for Amazon EBS volumes attached to Amazon EC2 instances and Amazon S3 buckets storing data, bolstering data security. 
• Provided the documentation to enable AWS GuardDuty to continuously monitor the AWS account for unauthorized activity, enhancing threat detection and response capabilities and the client has enabled the AWS GuardDuty.