> For the complete documentation index, see [llms.txt](https://helpdocs.secureanycloud.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://helpdocs.secureanycloud.com/aws-deployment-secured-wamp-with-aurora-on-windows-server-2016/security.md).

# Security Best Practices

### Use IAM to control access <a href="#use-iam-to-control-access" id="use-iam-to-control-access"></a>

IAM is an AWS service that you can use to manage users and their permissions in AWS.&#x20;

Users require full access to manage all of the resources in a template.&#x20;

AWS CloudFormation makes calls to create, modify, and delete those resources on their behalf. To separate permissions between a user and the AWS CloudFormation service, use a service role. AWS CloudFormation uses the service role's policy to make calls instead of the user's policy.

To deploy this product IAMRoleForStackCreation is required for the user

For more information, see [AWS CloudFormation service role](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html).

Follow the principle of least privilege as described in this [link](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege)


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://helpdocs.secureanycloud.com/aws-deployment-secured-wamp-with-aurora-on-windows-server-2016/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.