...
- Enable multifactor authentication (MFA) for your root AWS account. Use a physical MFA device and lock it away once enabled and tested.
Logging into AWS using your root account should now be an exceptional situation, not a daily occurrence.
http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_physical.html - Start logging into the AWS Console using this URL: http://signin.aws.cucloud.net/
- This URL engages Cornell's Shibboleth provider and also uses Cornell's Two-step-login process for AWS administrators. You will now be able to login to AWS using your standard Cornell netid credentials.
- This URL engages Cornell's Shibboleth provider and also uses Cornell's Two-step-login process for AWS administrators. You will now be able to login to AWS using your standard Cornell netid credentials.
- Police your existing AWS IAM users and, at minimum, remove passwords for those users. Instead, human users should use the above URL and their Cornell credentials for accessing AWS.
- Contact your Cloudification Team liaison or send an email to cloud-support@cornell.edu with any questions.
- Get connected with the Cornell cloud community.
...