Member-only story
Securing Your AWS Development Experience
AWS Nomads #1. This is the first article in an ongoing series on AWS development for scrappy developers.
AWS can be a maze of services and options. This is a simple guide to developing securely on AWS. Future essays will discuss various aspects of developing secure applications on AWS, which has many more variations for different application and service types.
Step 1: Secure Your Root Account
Your “Root Account” is the login that has authoritative access to everything. Until you explore the mysteries of IAM, all you have is a root account. You need to keep a root account. Here’s how to secure it.
First of all, good old email and login are simply not secure enough. You can get away with it for years, and never have a problem: but it’s a matter of when, not if.
So, from your AWS console, go to your account name in the top bar, and select “My Security Credentials.”
You may need to get past a notice about IAM users. Don’t worry about that for now, we’ll come back to that.
You should land on a page that looks something like this:
