AMI security considerations


Disable unsecure applications:-

Disable services and protocols that use clear text authentication.


Minimize exposure:-

Disable non-essential network services on startup.

Disable default services like file sharing, print spooler, and RPC if not needed.


Protect credentials when baking AMIs :-

Delete all AWS and third-party credentials from disk and configuration files.

Delete all user SSH public and private key pairs.

Remove and disable passwords for all user accounts.


Comments

Popular posts from this blog

Core 5 Security Epics in AWS Cloud

Why do you need to monitor your network?

How to change Domain account logging password