AWS Tools to safeguard your sensitive data

AWSConfig https://aws.amazon.com/config/
IAM Access Analyser https://aws.amazon.com/iam/
Amazon Guard https://aws.amazon.com/guardduty/
AWS STS https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html
CloudTrail https://aws.amazon.com/cloudtrail/
AWS KMS https://aws.amazon.com/kms/
Amazon Macie https://aws.amazon.com/macie/
CloudWatch can detect and prevent logging of sensitive data https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html
Control Hub https://aws.amazon.com/controltower/
Security Hub https://aws.amazon.com/security-hub/
CloudHSM https://aws.amazon.com/cloudhsm/
Amazon HealthLake: https://aws.amazon.com/healthlake/