Amazon Security Lake
Use this page as a service-specific case-study starter for architecture, simulation, and optimization scenarios in pinpole.cloud.
Why this service matters
Amazon Security Lake centralizes security data from AWS and third-party sources into a purpose-built data lake.
Power:
- OCSF (Open Cybersecurity Schema Framework) normalization
- Collects from CloudTrail, Route 53, VPC Flow Logs, Security Hub, Lambda, EKS, WAF
- Third-party source integration
- Subscriber-based data sharing
- Built on S3 with Apache Iceberg tables
Important workflows
- Design - Configure service behavior for your workload.
Configuration sections
- Why Security Lake (Power + Limits)
- Security Lake Settings
Key configuration points
| Point | Default / Value | Category |
|---|---|---|
| Enabled | true | Security Lake Settings |
| CloudTrail Management Events | true | Security Lake Settings |
| VPC Flow Logs | true | Security Lake Settings |
| Route 53 DNS Logs | true | Security Lake Settings |
| Security Hub Findings | true | Security Lake Settings |
| Retention (days) | 365 | Security Lake Settings |