...
TO DO : nat gateway, ip space, shibboleth, duo, fire walls, security groups, etc.
| Link/Description | General Configuration | Research Configuration? | |
|---|---|---|---|
| Security - AWS Config enabled | y | y | |
| Security - CloudTrail enabled for all activity in all regions | y | y | |
| Security - root account protected with multifactor authentication | root account should not be used for regular administration and MFA key should be locked in secure location | y | y |
| Security - no access keys associated with root account | y | y | |
| Security/Business - integrated with CloudCheckr | y | y | |
| Security - user access controlled by Cornell AD group membership and integrated with Cornell Shibboleth | y | ? | |
| Security - access for users with administrative privileges utilize Cornell Duo for authentication | y | ? | |