Event-driven architectures (for example, fan out, event streaming, queuing)
Designing mechanisms to protect data integrity by preventing modifications (for example, by using S3 Object Lock, KMS key policies, S3 Glacier Vault Lock, and AWS Backup Vault Lock)
Attributes of logging capabilities (for example, log levels, type, verbosity)
Designing encryption at rest by using AWS CloudHSM for relational databases (for example, Amazon RDS, RDS Custom, databases on EC2 instances)
Using different deployment methods (for example, blue/green, canary)
Fleet management services (for example, Systems Manager, AWS Auto Scaling)
AWS services and features that provide logging capabilities (for example, VPC Flow Logs, DNS logs, CloudTrail, CloudWatch Logs)
Applying configuration changes to systems
Establishing schedules and retention for AWS Backup across AWS services
AWS service health services (for example, AWS Health, CloudWatch, Systems Manager OpsCenter)
Creating CloudWatch metrics from log events by using metric filters
Standardizing and automating account provisioning and configuration
Designing management and rotation of secrets for workloads (for example, database access credentials, API keys, IAM access keys, AWS KMS customer managed keys)
Creating, consolidating, and centrally managing accounts (for example, AWS Organizations, AWS Control Tower)
Investigating unintended permissions, authorization, or privileges granted to a resource, service, or entity