Follow the best practices of IAM to secure your AWS resources. Never share IAM user credentials and access keys.
- Account access control
- Don’t use the root user account except for AWS account setup.
- One physical user is assigned to only one AWS user; if someone needs to use your credentials, create an account for them.
- Ensure security is managed to group level, assign users to group and assign permissions to groups.
- Create and use roles for giving permissions to AWS services.
- Audit permissions of your account using IAM Credential Report and IAM Access Advisor.
- Account protection and authentication
- Create a strong password policy.
- Use and enforce the use of Multi Factor Authentication (MFA).
- Use access keys for programatic access (CLI/SDK).
Back to parent node: AWS Identity and Access Management (IAM)
Cloud_computing AWS AWS_IAM AWS_CLF-C02 IAM_best_practices IAM_security
Reference - IAM best practices