Multi-Factor Authentication (MFA)

  • Multi-Factor Authentication (MFA) adds an extra layer of security to your infrastructure by requiring a second method of authentication beyond just a password or access key. With MFA, authentication also requires entering a One-Time Password (OTP) from a small device. The MFA device can be either a small hardware device you carry with you (for example, SafeNet IDProve 100 (OTP Token)) or a virtual device provided by an app on your smartphone (for example, Google Authenticator).

  • Add MFA: go to Activate MFA for the root account -> Manage MFA -> Virtual MFA -> scan the QR code with Google Authenticator -> type 2 OTPs.

Password Policy

  1. A password policy is a set of rules that define the type of password an IAM user can set.

  2. (Note: Go through the options)

Credential Report

It lists all your account's users and the status of their various credentials including passwords, access keys, and MFA devices.

Encryption keys

  1. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create and control the encryption keys used to encrypt your data. AWS KMS is integrated with other AWS services, including Amazon Elastic Block Store (Amazon EBS), Amazon Simple Storage Service (Amazon S3), Amazon Redshift, Amazon Elastic Transcoder, Amazon WorkMail, Amazon Relational Database Service (Amazon RDS), and others, to make it simple to encrypt your data with encryption keys that you manage.

  2. AWS KMS lets you create master keys that can never be exported from the service and which can be used to encrypt and decrypt data based on policies you define.
