IAM Guidelines & Best Practices

  • Don’t use the root account except for AWS account setup

  • One physical user = One AWS user

  • Assign users to groups and assign permissions to groups

  • Create a strong password policy

  • Use and enforce the use of Multi Factor Authentication (MFA)

  • Create and use Roles for giving permissions to AWS services

  • Use Access Keys for Programmatic Access (CLI / SDK)

  • Audit permissions of your account with the IAM Credentials Report

  • Never share IAM users & Access Keys

PreviousIAM Security ToolsNextIAM Section – Summary

Last updated