The Yubikey CLI and AWS MFA
ACM.11 Considering the attack surface and MFA choices for our Security Batch Jobs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: AWS Security | IAM | MFA | Passwords | Yubikey
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As I was writing what I thought would be my next post on creating an AWS KMS Key to protect a secret in secrets manager a few other things popped up that required investigation and explanation. I already wrote about KMS key architecture considerations:
Before I can create a KMS Key I need to create the identities that are allowed to use the key, so I can grant them access in my KMS Key policy. I was going to create an AWS User, but I was trying to remember why AWS SSO didn’t work for me the last time I tried this.