Thursday, 15 February 2018

Best Practices of IAM security for Advanced Security Protocols on AWS cloud

AWS IAM Security


Amazon Identity and Access Management service is a web service that provisions security control access to the Amazon Web Services Resources. Identity and Access Management can be used to control to who is permitted for Sign-in and for the authorization of the permission to utilize the resources. In this article, you will be learning on how to enhance the IAM security with a just simple task where you can implement it to the AWS Cloud. 

First, check the security status column of the Identity and Access Management Console. If there are alerts listed then you have come to the right place because in this article I will be showing you how to fix this issue which will further improve the security protocols. 

Eliminate the Root access Keys:

Root Account in the Amazon Web Services is a powerful account which can’t be restricted in any way. The Root Account should be utilized to create only new users and to authorize permission accordingly but not frequently. The access keys in the Root account should be eradicated as it will be most likely to be utilized for console access and not the Amazon Web Services CLI or SDK access. 

To eliminate root access key you need to click "The Delete your root access keys" on the Security status and tap on the Manage Security Credentials. Your Security Credentials page will be then displayed. Tap on the Access Keys section. By doing this there will be list of action keys displayed so delete all of them by utilizing a delete link on the right side and confirm the dialogue box that will show up. 

Creation of Users and groups:

It is suggested to create a user to manage Amazon Web Services because of the importance of root account. If there is more than one user then you need to authorize permission to different team members. But having a group become’s essential because it is easy to manage and delegation is consistent. 

Password Policy:

Click on the account setting to configure a password policy which is on the left side. Configure the parameters and values that you want to set and after doing that tap on the Apply password policy. 

Multifactor Authentication:

The Amazon Web Services Console or the access key is not available for the users in the company but only for chosen or only limited users can access the AWS console. Multifactor authentication is an essential security feature that will be applied to all the users which should be implemented in the root account. To use Multifactor Authentication in the root account you will need to tap on the Activate Multifactor Authentication on the root account and tap on Manage Multifactor Authentication. For an IAM user, you need to tap on the desired user and then tap on the Security Credential tap and then tap on the edit icon on the Assign Multifactor Authentication device. To enable Multifactor Authentication you need to fulfill the list of procedures which in the first instance you have to choose from a hardware or virtual device. The virtual device does not include cost so you can use an app such as the Google Authenticator. In this article, Virtual MFA device will be used and after selecting it you have to tap on Next Step.

Dialogue Box will appear by informing you to install the applications. Go to your device and install the Google Authenticator on it and it will be ready to add an account and then click on the next step. Now you have to configure the QR code by clicking on the add button and face the device to the QR Code which will identify the device and create an entry on the Google Authenticator. After all the procedure is followed properly a dialogue box will appear informing that the Multifactor devices are successfully installed and configured in the account and after that, you need to click on Finish. 

Once you have enabled the Multifactor authentication, for every new login on the AWS console a code will be displayed on the Google Authenticator which will be needed to permit access. 

Track IAM user’s utilization:

After enabling the Multifactor authentication for enhancing the security you can now add a built-in feature to keep a record of the IAM user’s utilization, status of their credentials, MFA information and last time login account activity. It is recommended to remove the accounts that are no longer in use. 

Tap on the Credential Report and then on the Right Side, there will be a Download Report which will contain CSV file. In that CSV file, the admin can check the user's utilization report and much more. After doing all this procedure you have to refresh the Dashboard page of the IAM console and you will see that all the status are been complete. 

No comments:

Post a Comment

Three new Threat Detection added in Amazon GuardDuty

Amazon GuardDuty is a threat detection service which persistently detects for harmful or forbidden actions to assist you secure your AWS...