Tag: aws

Multi factor authentication (MFA) provides an additional layer of security and must be enabled whenever possible. In this article we go through the detailed steps to enable MFA for an AWS account Root user.

Having an access key for the Root user poses the risk of being misused or stolen, since this user has unrestricted access in the account. If your Root user also has access keys that you would like to remove, here is a step-by-step guide to do so.

Elasticsearch/OpenSearch domains that are not required to be openly accessible should be created without a public endpoint to prevent arbitrary public access to the domain.

Prevent password reuse policy can be easily enabled in AWS. This helps in preventing users from reusing their old passwords after expiry or when password change operations are performed. This article provides a step by step walkthrough of how you can enable Prevent Password Reuse policy on AWS, both in video and text for your preferred medium of learning.

Encrypting data at rest is a security best practice. RDS instances must also be encrypted. If you have an existing unencrypted RDS instance, this article will guide you on how you can migrate it to an encrypted one.

Exposing AWS RDS database instances to the internet is generally a bad security practice since it contains data meant to be consumed by specific instances only. If that is the case for you as well, follow this article to see how you can restrict access to your RDS Instances.