Multi Factor Authentication - MFA
•
MFA = password + security device
•
Device options
◦
Virtual MFA device
◦
Universal 2nd Factor (U2F) Security Key
Access AWS
•
To access AWS, you have three options:
◦
AWS Management Console (protected by password + MFA)
◦
AWS Command Line Interface (CLI): protected by access keys
◦
AWS Software Developer Kit (SDK) - for code: protected by access keys
•
Access Keys are generated through the AWS Console
•
Users manage their own access keys
•
Access Key ID ~= username
•
Secret Access Key ~= password
AWS CLI
•
A tool that enables you to interact with AWS services using commands in your command-line shell
•
Direct access to the public APIs of AWS services
•
You can develop scripts to manage your resource
CLI Authentication
~ aws configure
>>> AWS Access Key ID [None]: {Access key ID}
>>> AWS Secret Access Key [None]: {Secret access key}
>>> Default region name [None]: {Region code}
>>> Default output format [None]:
~ aws iam list-users
>>> USER LIST
Shell
복사
Get Access Keys
Users > User Name > Security Credentials > Access Keys (Create access key) > Command Line Interface (CLI)
Alternatives recommended
•
AWS CloudShell
◦
Available in certain Regions: AWS Documentation
•
AWS CLI V2
AWS SDK
•
AWS Software Development Kit (AWS SDK)
•
Language-specific APIs (set of libraries)
•
Enables you to access and manage AWS services programmatically
•
Embedded within your application
