Automated user migration and management of AWS Identity and Access Management (IAM) resources

Segun Ofe
May 7, 2024


Project description: In this project, based on a real-world scenario, I acted as a Cloud Specialist with the mission to migrate users in an automated way and manage AWS IAM (Identity and Access Management) resources.

There were 100+ users that needed to be migrated and have MFA (Multi-factor authentication) enabled on their accounts, as this is a security best practice. I migrated 6 users since the process of migrating 6 users and 100+ users is the same.

To avoid repetitive and manual tasks in the AWS console, I needed to think about automating the processes. Using Git Bash with the AWS CLI and a shell script, I:

· Created User groups on AWS — Identity and Access Management (IAM) and added appropriate policies depending on the functionalities of each group.

· Automated the process of adding 6 On-premises users to their appropriate User group in AWS Cloud.

· Enabled multi-factor authentication (MFA) for the root user using Google authentication to add extra security to my AWS account.

· Created a custom policy named “EnforceMFAPolicy” for the IAM users so that I can enable MFA for them as well (enforced MFA on all the users in all the User groups) for security purposes.

· Added the newly created policy to the policies for the User groups.

· Changed (strengthened) the password policy to include at least one UPPERCASE letter, one lowercase letter and a number on the AWS platform for all users, to add another layer of security.

· Confirmed with a user (after adding MFA) that she needs Google authentication to log in to her AWS account and that, since MFA is in place, she can access the IAM platform, create users, etc.
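The steps above can be scripted along the following lines. This is an added example, not the script used in the project: it prints the AWS CLI commands as a dry run instead of executing them, and the CSV layout (`user,group`), the user and group names, and the account ID `123456789012` are constructed placeholders.

```sh
#!/bin/sh
# Added example: dry-run planner for a CSV-driven IAM migration.
# CSV layout (user,group), user and group names are constructed sample data.
SAMPLE_CSV='user,group
alice.ng,CloudAdmin
bob_k,DBA
carol@corp,NetworkAdmin
bad user,DBA
dave,'

# Accept only characters IAM allows in user and group names; this also keeps
# shell metacharacters out of the generated commands. IAM caps user names at
# 64 characters; the same cap is applied to group names here for simplicity.
valid_name() {
    case "$1" in
        ''|*[!A-Za-z0-9+=.@_-]*) return 1 ;;
    esac
    [ "${#1}" -le 64 ]
}

# Read CSV on stdin, print one create-user and one add-user-to-group command
# per valid row. Rejected rows are reported on stderr and never reach AWS.
plan_migration() {
    tr -d '\r' | while IFS=, read -r user group extra; do
        [ "$user" = "user" ] && continue        # header row
        [ -z "$user$group" ] && continue        # blank line
        if [ -n "$extra" ] || ! valid_name "$user" || ! valid_name "$group"; then
            echo "skip: rejected row '$user,$group'" >&2
            continue
        fi
        echo "aws iam create-user --user-name $user"
        echo "aws iam add-user-to-group --user-name $user --group-name $group"
    done
}

# Print the hardening commands: attach EnforceMFAPolicy to each group and
# require uppercase, lowercase and a number in passwords.
# $1 = AWS account ID, remaining arguments = group names.
plan_hardening() {
    acct=$1; shift
    for g in "$@"; do
        valid_name "$g" || continue
        echo "aws iam attach-group-policy --group-name $g --policy-arn arn:aws:iam::$acct:policy/EnforceMFAPolicy"
    done
    echo "aws iam update-account-password-policy --require-uppercase-characters --require-lowercase-characters --require-numbers"
}

printf '%s\n' "$SAMPLE_CSV" | plan_migration
plan_hardening 123456789012 CloudAdmin DBA NetworkAdmin   # placeholder account ID
```

Review the printed plan before piping it to `sh` to apply it. `update-account-password-policy` replaces the whole account password policy, so any setting not passed on the command line reverts to its default.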

Below are screenshots of some successful stages in this migration project.
