...
TO DO : nat gateway, ip space, shibboleth, duo, fire walls, security groups, etc.
Link/Description | General Configuration | Research Configuration? | |
---|---|---|---|
Security - AWS Config enabled | y | y | |
Security - CloudTrail enabled for all activity in all regions | y | y | |
Security - root account protected with multifactor authentication | root account should not be used for regular administration and MFA key should be locked in secure location | y | y |
Security - no access keys associated with root account | y | y | |
Security/Business - integrated with CloudCheckr | y | y | |
Security - user access controlled by Cornell AD group membership and integrated with Cornell Shibboleth | y | ? | |
Security - access for users with administrative privileges utilize Cornell Duo for authentication | y | ? | |