AWS Security Blog

Want Help with Securing Your AWS Account? Here Are Some Resources

Some customers have asked how they should be using AWS Identity and Access Management (IAM) to help limit their exposure to problems like those that have recently been in the news. In general, AWS recommends that you enable multi-factor authentication (MFA) for your AWS account and for IAM users who are allowed to perform sensitive operations in your account. We also recommend that you use constrained, role-based access whenever practical, and that you do not use root credentials for everyday access to your account.

The list below provides links to best practices and how-to guides that show you how to help safeguard against the types of problems that people have asked about, and against many more.

If you have any questions about these recommendations, or about how to help secure your AWS account, please post them to the AWS Forum.

– Jim