From the course: AWS for DevOps: Security, Governance, and Validation

IAM best practices

- [Instructor] There are a large number of IAM best practices, but I pulled together my favorites here. Don't share your AWS login credentials for users or services; in particular, check on this for your developers. Everybody should have their own credentials, and services such as EC2 should actually use roles rather than users. Use least privilege and policy conditions and restrictions in production. Enable MFA for highly privileged users, so your admin users in particular in root. No one would be logging in with a root account in a product environment, absolutely no one. Turn on auditing for key users. We're going to look at auditing in general later in this course, but just to preview it, we'll be using CloudTrail for auditing. You can use federated login; this is really a best practice. I've seen this federated with Active Directory, and so the idea there is you've got some sort of matching through a directory, or you can even use external certificates so you have single sign-on, which…
