DEV Community

Cover image for AWS Security - Secure Users
Joseph Peter
Joseph Peter

Posted on

AWS Security - Secure Users

Did you know that an AWS IAM user can delete other users, self and even delete the root user. Learn to secure your AWS users with IAM policies and MFA.

AWS IAM Security

Use cases:-

Everything is automated and a script that removes users, roles and policies for the employees who left the company. Instead by mistake it removes current employees who has the admin rights who haven’t enabled the MFA. Still the script have to remove all the policies, roles and the associated certs, access-keys before user deletion occurs.
Another case, the user with console access can perform user deletion. This can be done by threat actor or user themselves.
In both cases, restoring policies for affected users can be cumbersome and error-prone.

Solutions hints:-

Proper AWS Config setup helps to find the related policies.
Enable AWS CloudTrail to trace events.
Recreate usernames and reassign their policies.

Test out user self deletion

Here we are testing out use case:- 2. AWS user test001 is getting deleted by the same user.

⚠️Warning⚠️
If you delete a user, you lose that user with all of its privileges and access to the resources assigned with it. This action can’t be undone.

For more of this check out link => https://medium.com/@josephvpeter7/aws-security-secure-users-b69e0befdfd0

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay