AWS managed security services (for example, AWS Shield, AWS WAF, Amazon GuardDuty, AWS Security Hub)
Specifying IAM users and IAM roles that adhere to the principle of least privilege access
Specifying inbound and outbound network flows by using security group rules and network ACL rules
Developing attack mitigation strategies for large-scale web applications
Developing encryption strategies for data at rest and data in transit
Specifying service endpoints for service integrations
Developing strategies for patch management to remain compliant with organizational standards
AWS Global Infrastructure
AWS storage services and replication strategies (for example, Amazon S3, Amazon RDS, Amazon ElastiCache)
Multi-AZ and multi-Region architectures
Auto scaling policies and events
Application integration (for example, Amazon Simple Notification Service [Amazon SNS], Amazon Simple Queue Service [Amazon SQS], AWS Step Functions)
Service quotas and limits
Designing highly available application environments based on business requirements
Using advanced techniques to design for failure and ensure seamless system recoverability
Implementing loosely coupled dependencies