In the cloud, the degree of automation for incident response that can be achieved is far greater than what is possible on-prem. This is because you typically have all the information required for decision making in an incident response process, complete log of calls on AWS CloudTrail, configuration inventory, and its changes in AWS Config, and AWS EventBridge (or AWS CloudWatch Events) that enables services to be integrated, enabling response flows to specific events.
In the following video you will see an example of an advanced incident response process that can be automated to run in minutes.