Back to: AWS Tutorials For Beginners and Professionals
AWS IAM Security Tools Hands On
In this article, I am going to discuss AWS IAM Security Tools Hands-On. Please read our previous article where we discussed AWS IAM Roles Hands On.
AWS IAM Security Tools Hands On
Let us generate a credential report on the bottom left I am going to create a credential report. I can click on Download Report to just download this report and this will be a CSV file.
Now this CSV, because I am using a training account, is not fascinating but as we can see we have two rows in it we have my root account and my account named sandy. We can see when the user was created if the password was enabled when the password was last used, and last changed.
When is the next rotation to be expected if we do enable password rotation? Is MFA active? We can see itās active for my root account but it is not active for my sandy account. Then access keys are generated or not? Yes, they are created for my sandy account but not for my root account. When were they last rotated last used and so you can get more information about other access keys and certificates and so on? This report is extremely helpful if you want to look at some users that have not been changing their password or using it or their account. It could be giving you a great way to find which users that deserve your attention from a security standpoint. I want to look at IAM Access Advisors I am going to click on my user is sandy and on the right-hand side it says Access Advisor. This is going to show me when some services were last used. The recent activity usually appears within four hours. If you donāt see all the data, thatās why. We can see that for example Identity and Access Management was last accessed today. Thanks to this policy right here. Also, the Health APIs and Notifications were accessed today. Well, this is a little bell right here that automatically will be accessed to see if there are any notifications for your accounts.
We will see what this is this is the Personal Health Dashboard. But for the other services for example for Business or AWS Accounts or Certificates Manager I have not been using them. So maybe it makes sense for me to remove these permissions from this user because it seems this user is not using these services. This is the whole power of Access Advisor. And as you can see there are lots of services in AWS. About 23 pages just like this about 230 services in AWS at the time of recording. We have just seen all the ways we can have security tools on IAM.
In the next article, I am going to discuss AWS Budget Setup. Here, in this article, I try to explain AWS IAM Security Tools Hands-on and I hope you enjoy this AWS IAM Security Tools Hands-On article.
About the Author: Pranaya Rout
Pranaya Rout has published more than 3,000 articles in his 11-year career. Pranaya Rout has very good experience with Microsoft Technologies, Including C#, VB, ASP.NET MVC, ASP.NET Web API, EF, EF Core, ADO.NET, LINQ, SQL Server, MYSQL, Oracle, ASP.NET Core, Cloud Computing, Microservices, Design Patterns and still learning new technologies.
Registration Open For New Online Training
Enhance Your Professional Journey with Our Upcoming Live Session. For complete information on Registration, Course Details, Syllabus, and to get the Zoom Credentials to attend the free live Demo Sessions, please click on the below links.