Getting Started with AWS

  • Securing an AWS Account


        It is very important to secure your AWS account. Following are some best practices that            can be used to safeguard your AWS account

       
    • Safeguard your passwords and access keys
    • Activate multi-factor authentication (MFA) on the AWS account root user and any users with interactive access to AWS Identity and Access Management (IAM)
    • Limit AWS account root user access to your resources
    • Audit IAM users and their policies frequently
    • Create Amazon Elastic Block Store (Amazon EBS) snapshots, Amazon Relational Database Service (Amazon RDS) snapshots, and Amazon Simple Storage Service (Amazon S3) object versions
    • Use AWS Git projects to scan for evidence of unauthorized use
    • Monitor your account and its resources

                Note: If you're using AWS Identity Center or IAM federated users, the best practices                    for IAM users  also apply to federated users.


  • Configure MFA & Password Policy


            Activating MFA can help secure the accounts and prevent unauthorized users from                     logging in to  accounts without a security token.

             For increased security, it's a best practice to configure MFA to help protect your AWS                 resources. You can activate a virtual MFA for IAM users and the AWS account root user.             Activating MFA for the root  user affects only the root user credentials. IAM users in the             account are distinct identities with their own credentials, and each identity has its own                 MFA configuration.

            Do not use your root account for any AWS activity. Always create an IAM user. once you             create an  IAM user you have to set up a password policy.

            set a custom password policy on your AWS account to specify complexity requirements              and mandatory rotation periods for your IAM users' passwords. If you don't set a custom             password policy, IAM user passwords must meet the default AWS password policy

            for more information here is the link for reference 

                                 https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html#password-policy-rules

Set up Budget & Alert

  • AWS Budgets gives you the ability to set custom budgets that alert you when your costs or usage exceed (or are forecasted to exceed) your budgeted amount

  • You can also use AWS Budgets to set reservation utilization or coverage targets and receive alerts when your metrics drop below the threshold you define.




“P.S. If you read it till the end, Thank you!...

This article is part of AWS Career Growth Program (AWS-CGP) by Pravin Mishra

For more AWS related content please visit the website.”

Comments

Post a Comment

Popular posts from this blog

AWS Regions and Availability Zones & Edge Locations

Image
AWS Regions and Availability Zones What are Regions  & AZ? It is a physical location around the world where aws has cluster data centers .  AWS call each group of logical data centers an Availability Zone .  Each AWS Region consists of a minimum of three, isolated, and physically separate AZs within a geographic area. Unlike other cloud providers, who often define a region as a single data center, the multiple AZ design of every AWS Region offers advantages for customers.  Each AZ has independent power, cooling, and physical security and is connected via redundant, ultra-low-latency networks. AWS customers focused on high availability can design their applications to run in multiple AZs to achieve even greater fault-tolerance. AWS infrastructure Regions meet the highest levels of security, compliance, and data protection. AWS provides a more extensive global footprint than any other cloud provider, and to support its global footprint and ensure customers are se...
Read more

Cloud fundamentals

Image
  What is cloud computing? Cloud computing is the on-demand availability of  computer   system resources , especially data storage ( cloud storage ) and  computing power , without direct active management by the user. Its a Pay as you go service , where you don’t need to buy ,own or maintain physical data centres and servers, you can access technology services, such as computing power, storage, and databases, on an as-needed basis from a cloud provider like Amazon Web Services (AWS).   What are the benefits of cloud computing? 1.Agility - It goes access to board range of technology so that you can innovate faster   2.Elasticity - You don’t need to over provision the resources 3.Cost savings - Trade fixed expenses (such as data centers and physical servers) for variable expenses, and only pay for IT as you 4.Deploy globally in minutes Cloud Computing Models 1.Infrastructure as a Service (IaaS) Infrastructure as a Service provides you with the highest le...
Read more