I'm about to launch my first ever SaaS product on AWS and am thinking through security.

I have my main server, which is obviously public on :80 and :443, and then I have a bunch of other infra...