AWS IAM: Best Practices


AWS IAM is targeted for AWS resources only and not for custom Applications. It integrates with different AWS services.

Limits:
Best Practices:
  • Never store credentials to AWS Instance rather than use Role
  • Control Access ib User/Group/Role level
  • Remove Root credentials and create IAM users for routine usage
  • Enable Multi-factor Authentication
  • Use access keys and secret access keys for REST API Access
  • Always use Group or User specific policies for Authorization
  • Create policy for Specific AWS Resource rather than giving access to all AWS Ec2 virtual machine or All S3 buckets
  • As we discussed in earlier post, use Roles which create dynamic access keys rather than using keys and other methods
  • Rotate Access Key and Secret Key

Leave a comment

Your email address will not be published. Required fields are marked *