Reconcile AWS Account settings #43
Comments
|
The initial account pw/MFA created for the accounts listed in the issue. This is done by way of "Forgot Password" and requires access to the csvd.aws@census.gov shared mailbox. Whoever has access to that mailbox can change the password but would require the MFA to login. |
Sign in
to join this conversation on GitHub.
Verify and enable MFA on all E/W root accounts:
https://github.e.it.census.gov/terraform/cloud-information/blob/master/aws/info/ACCOUNTS.md
Make sure ACCOUNTS.md is complete
check each E/W root account for Password and MFA compliance
AWS CIS Benchmark requires no root access keys for compliance so it is assumed that these need to be set and managed through the console using each account URL.
Here is a partial list that needs to be reconciled:
lab-ew-network-sa
ma15-ew
ma16-ew
ma18-ew
ma19-ew
ma20-ew
ma21-ew
ma22-ew
ma23-ew
ma24-ew
ma25-ew
ma26-ew
ma27-ew
I do not have access to all of these accounts so the creator(s) must verify and reconcile all non-compliance.
Record credentials in Git and protect with Git secret (phase 2)
Root Password
-[ ] XXXXXXXXXXXX-alias
Root MFA
-[ ] XXXXXXXXXXXX-alias
The text was updated successfully, but these errors were encountered: