Whether starting a greenfield project in one of the public clouds or implementing a lift-and-shift project – cloud security always is and will be an important topic. Even more so with the “privacy by design” principle that was put in place by GDPR. There are lots of best practices out there: multi-account strategies, principle of least privilege, automated patching and scanning security vulnerabilities and enforcing encryption – just to name a few measures to harden your cloud infrastructure. Ideally all these are driven by CI/CD pipelines to enable confident changes and short cycle times. The session will cover AWS-based examples on proven best practices and solutions that can be used to harden your cloud infrastructure with little effort using the already available features and components.