From the course: AWS for DevOps: Security, Governance, and Validation
IAM best practices - Amazon Web Services (AWS) Tutorial
IAM best practices
- [Instructor] There are a large number of IAM best practices, but I pulled together my favorites here. Don't share your AWS login credentials for users or services; particularly check on this for your developers. Everybody should have their own credentials, and services such as EC2 should actually use roles rather than users. Use least privilege and policy conditions and restrictions in production. Enable MFA for highly privileged users, so your admin users in particular, and root. No one would be logging in with a root account in a production environment, absolutely no one. Turn on auditing for key users. We're going to look at auditing in general later in this course, but just to preview it, we'll be using CloudTrail for auditing. You can use federated login; this is really a best practice. I've seen this federated with Active Directory, and so the idea there is you've got some sort of matching through a directory, or you can even use external certificates so you have single sign-on, which…
Contents
- AWS security IAM objects (5m 43s)
- AWS root IAM user (6m 2s)
- MFA with privileged users (5m 34s)
- AWS IAM policy simulator (9m 2s)
- IAM best practices (2m 44s)
- Security via AWS Certificate Manager (4m)
- Security via AWS KMS (4m 28s)
- Security via AWS WAF and Shield (7m 17s)
- Security via AWS Inspector (4m 52s)
- Security via AWS Trusted Advisor (5m 9s)
- AWS organizations (6m 5s)