# Configuration and vulnerability analysis in AWS Identity and Access Management
<a name="configuration-and-vulnerability-analysis"></a>

AWS handles basic security tasks like guest operating system (OS) and database patching, firewall configuration, and disaster recovery. These procedures have been reviewed and certified by the appropriate third parties. For more details, see the following resources:
+ [Shared Responsibility Model](https://aws.amazon.com/compliance/shared-responsibility-model/)
+ AWS: [Overview of Security Processes](https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf) (whitepaper)

The following resources also address configuration and vulnerability analysis in AWS Identity and Access Management (IAM):
+ [Compliance validation for AWS Identity and Access Management](https://docs.aws.amazon.com/IAM/latest/UserGuide/iam-compliance-validation.html)
+ [Security best practices and use cases in AWS Identity and Access Management](https://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPracticesAndUseCases.html).