Protect Your AWS Account

Almost weekly on Reddit, someone posts that they have been contacted by AWS about unusual activity on their account, or that they see an increase in their bill and don't know why. In a number of cases their account gets suspended, or they get a huge bill, because the account was compromised. Many of these people signed up for an AWS account after doing some research, or signed up and forgot about it because of the "free" tier. Here are some basic steps to protect your account.

  1.  Remember that AWS operates on the shared responsibility model. AWS protects the hardware and underlying infrastructure your AWS account runs on. You are responsible for the security of the resources you create in AWS.
  2.  When you sign up, the email address you use becomes your root account. Don't use it for day-to-day work, as it has unlimited permissions. Do the following:
    1. Set up 2-factor authentication (MFA) on the root account immediately (see "Setup MFA").
    2. Create an IAM user with a strong password, Administrator permissions, and 2-factor authentication. This will be the main working account you use (see "Setup IAM Admin User").
    3. Log out of your root account and log back in with the IAM user you just created.
  3.  If you are doing work for a client, sign up for Developer Support at $29.00 per month. Why? If you have an issue, you can get a response from AWS Support in under 24 hours. Basic Support has no SLA, so you will get a response only when an engineer has no other cases or has free time.
  4.  Enable AWS GuardDuty for threat detection. It comes with a 30-day trial that will catch threats while you learn the ropes; just remember to check it each day to see if it found anything.
  5.  Enable AWS Inspector for vulnerability detection. It comes with a 15-day trial and finds vulnerabilities in EC2 instances and container images.
    1. Note: if you are not using EC2 or containers, you may not need this service.
  6.  Lastly, set up a billing alert. Even if you are not using the account on a daily basis, you don't want a compromised account running workloads and incurring unexpected charges (see "enable and setup billing alerts").
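As an added example (not part of the original post), the following Python check verifies the step 2 posture from an IAM credential report: root has MFA and no long-lived access keys, and every console-enabled IAM user has MFA. The report text below is constructed for illustration in the column layout that `aws iam get-credential-report` returns after base64-decoding.

```python
"""Audit an IAM credential report for the root/MFA hygiene steps above."""
import csv
import io

# Constructed sample report: a root row, an MFA-protected admin, and a
# console user without MFA. Account id 111122223333 is a placeholder.
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_2_active
<root_account>,arn:aws:iam::111122223333:root,2024-01-01T00:00:00+00:00,not_supported,2024-01-02T00:00:00+00:00,not_supported,not_supported,false,true,false
admin,arn:aws:iam::111122223333:user/admin,2024-01-01T00:00:00+00:00,true,2024-01-03T00:00:00+00:00,2024-01-01T00:00:00+00:00,N/A,true,false,false
dev,arn:aws:iam::111122223333:user/dev,2024-01-01T00:00:00+00:00,true,no_information,2024-01-01T00:00:00+00:00,N/A,false,true,false
"""


def audit_credential_report(report_csv: str) -> list[str]:
    """Return a list of findings; an empty list means the report passes."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        mfa = row["mfa_active"] == "true"
        keys_active = any(
            row[k] == "true" for k in ("access_key_1_active", "access_key_2_active")
        )
        if user == "<root_account>":
            # Step 2: root must have MFA, and since it is not used for daily
            # work it should carry no long-lived access keys either.
            if not mfa:
                findings.append("root: MFA not enabled")
            if keys_active:
                findings.append("root: active access key present")
        elif row["password_enabled"] == "true" and not mfa:
            # Console users (such as the IAM admin from step 2) need MFA too.
            findings.append(f"{user}: console login without MFA")
    return findings


if __name__ == "__main__":
    for finding in audit_credential_report(SAMPLE_REPORT):
        print(finding)
```

To run it against a real account, feed the decoded `Content` field of `aws iam get-credential-report` into `audit_credential_report`.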

I consider this the bare minimum configuration to protect those new to AWS and prevent surprises as you learn the service.
