HomeDocumentationCode SamplesAPI ReferenceAnnouncementsModelsRelease NotesFAQGitHubVideos
Developer HubAPI StatusSupport
Documentation
Developer HubAPI StatusSupport

Amazon Selling Partner API Guard Implementation Guide

Learn how to implement Amazon Selling Partner API Guard.

Amazon Selling Partner API Guard is a serverless application that scans Amazon Web Services (AWS) data to assess security compliance with Amazon’s Data Protection Policy. It leverages custom scan rules built with AWS Security services to look for security gaps, and then returns a findings report with clear remediation recommendations after 24 hours.

Key features include:

  • Reduce manual effort by creating automatic self-service Data Security Assessments
  • Quickly assess and maintain your security compliance
  • Automatically store findings in a secure read-only Amazon Simple Storage Service (Amazon S3) bucket
  • Download and share reports with your stakeholders

Additionally, Selling Partner API Guard offers the following benefits:

  • Time savings - Selling Partner API Guard maps your controls to policy requirements, which means that you don’t need to manually collect documentation and screenshots. It also recommends remediation steps so that you can quickly revise your architecture.

  • Control over your assessments - For every scan, you can choose whether or not to share your findings report with Amazon. Selling Partner API Guard gives you full ownership to continuously assess and manage your security.

  • Support - The Selling Partner API Team offers you Solution Architect support for remediation and Developer Support in troubleshooting so that you can focus on growing your business.

The following video includes an overview and demo for the new Selling Partner API Guard tool.

This implementation guide describes architectural considerations and configuration steps for deploying Selling Partner Guard in AWS Cloud. It includes a link to an AWS CloudFormation template that launches and configures the AWS services required to deploy using AWS best practices for security, availability, performance efficiency, and cost optimization.

The guide is intended for IT architects, developers, DevOps, data analysts, and marketing technology professionals who have practical experience architecting in the AWS Cloud.

Selling Partner API Guard and other security services

Selling Partner API Guard checks your controls in the context of the Amazon's Data Protection Policy. It is not designed to replace other security services that you currently use for non-Selling Partner API compliance purposes.

Selling Partner API Guard enables necessary underlying AWS services in order to perform scans. After the scans are complete (24 hours), Selling Partner API Guard automatically turns off any services that were activated for the scan. Selling Partner API Guard performs scans independently of your current setup, and will not alter any existing configurations.

Any AWS services that you currently use are not affected by Selling Partner API Guard.

Tip

For technical support or to submit a feature request for Selling Partner API Guard, you can open a support case with Developer Support.

Updated 10 days ago

OSZAR »