- outline
AWS Security Basic Principles
- ground rules
Do not use the Root account for normal use; use IAM instead
Minimum 50-character password for Root account + MFA (for C-level) + U2F Device
Use the company e-mail account as the IAM user account
Minimum 50-character password for IAM account
Expire IAM account passwords after 180 days
Do not reuse a previous password
Enable MFA for IAM account
Do not enable both Console Login and AccessKey for an IAM account
Do not share an IAM account or AccessKey with multiple people
Disable and remove unused IAM accounts or AccessKeys immediately
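Added example (not part of the original notes): a small audit of the per-user rules above against an IAM credential report CSV. The sample rows and user names are constructed, only a subset of the report's columns is used, and "unused" is assumed to mean an active key that has never been used; password length and reuse are account password policy settings and are not covered here.

```python
import csv
import io
from datetime import datetime, timezone

MAX_PASSWORD_AGE_DAYS = 180  # value from the ground rules; adjust per case

# Constructed sample in the IAM credential report CSV layout (subset of columns).
SAMPLE_REPORT = """user,password_enabled,password_last_changed,mfa_active,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,not_supported,not_supported,false,false,N/A,false,N/A
alice@example.com,true,2024-01-10T09:00:00+00:00,true,false,N/A,false,N/A
bob@example.com,true,2023-02-01T09:00:00+00:00,false,true,2024-02-20T12:00:00+00:00,false,N/A
svc-deploy,false,N/A,false,true,N/A,false,N/A
"""

def audit(report_csv, now):
    """Return {user: [findings]} for rows that break a ground rule."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        issues = []
        mfa = row["mfa_active"] == "true"
        if row["user"] == "<root_account>":
            if not mfa:
                issues.append("root without MFA")
        else:
            console = row["password_enabled"] == "true"
            keys = [n for n in ("1", "2") if row[f"access_key_{n}_active"] == "true"]
            if console and not mfa:
                issues.append("console login without MFA")
            if console and keys:
                issues.append("console login and access key both enabled")
            if console and row["password_last_changed"] not in ("N/A", "not_supported"):
                changed = datetime.fromisoformat(row["password_last_changed"])
                if (now - changed).days > MAX_PASSWORD_AGE_DAYS:
                    issues.append(f"password older than {MAX_PASSWORD_AGE_DAYS} days")
            for n in keys:
                # Assumption: an active key with no recorded use counts as unused.
                if row[f"access_key_{n}_last_used_date"] == "N/A":
                    issues.append(f"access key {n} active but never used")
        if issues:
            findings[row["user"]] = issues
    return findings

if __name__ == "__main__":
    report_time = datetime(2024, 3, 1, tzinfo=timezone.utc)  # constructed audit date
    for user, issues in audit(SAMPLE_REPORT, report_time).items():
        print(user, "->", "; ".join(issues))
```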
- note
Change the numbers (180 days; 15 or 50 characters) depending on each case
"Do not enable both Console Login and AccessKey for an IAM account" >> Only for developers' test accounts; accounts for services need to be used separately
- reference
https://docs.aws.amazon.com/ko_kr/IAM/latest/UserGuide/introduction.html