AWS Made Easy

Tip #13: Getting started with AWS: first steps after you sign up

Follow this checklist when you are getting started with AWS to improve security

Congratulations on beginning your journey with AWS. As you get the new AWS account setup, we have prepared a checklist of some AWS basics for you to ensure maximum security.

Create administrator user

As part of your AWS onboarding process you receive root user credentials. This user has the highest level of privileges and it is advisable to not use this user for any purpose, except for super-privilege activities

The first step when getting started with AWS is to create an administrator user in the IAM console and assign the AdministratorAccess permission policy to it. If you plan to have multiple users with admin roles, you could create an IAM User Group with AdministratorAccess permission policy and then add users to the group.

Enable MFA

You should also enable Multi Factor Authentication (MFA) for all your AWS users. AWS supports virtual MFA devices that work on mobile phones as well as hardware based devices. A complete list of devices is available here.

Every user needs to individually activate their MFA device. To do this, you need to navigate to the user in the IAM console, open the Security credentials tab and click on Manage link next to the Assigned MFA device option and follow the instructions provided on the page.

Change password policy

AWS allows you to create custom password policies for your users. You can do this by opening “Account settings” under the IAM console. You can use any combination of the following rules to set up the policy:

  • Set minimum password length
  • Increase password strength by mandating at least one:
    • Uppercase letter
    • Lowercase letter
    • Number
    • Non alphanumeric characters
  • Set number of days after which passwords expire
  • Allow users to change their own password
  • Allow users to change their expired password
  • Prevent reuse of old passwords

References

Email
Twitter
Facebook
LinkedIn

Leave a Reply

Your email address will not be published.

Related Tips & Tricks