The idea behind the defense in-depth is to defend a system against attacks by layering independent methods of defense and providing redundancy in case of a security control failure or vulnerability exploit.
The necessity of these layering approach is explained clearly by the Swiss Cheese Model: since no layer can be 100% secure, if we overlap different layer we can possible reduce the chance of an hole going all the way through.
Swiss Cheese security Model
The five functions of the NIST Cybersecurity framework :
Identify
Protect
Detect
Respond
Recover
There are multiple AWS services that can be used in combination at different levels to build secure Multi-Tier Applications:
Image description
Let's have a look.