Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Establish Multi-Factor Authentication to AWS users #22

Open
6 tasks
Tracked by #24
JasonEb opened this issue Feb 21, 2023 · 3 comments
Open
6 tasks
Tracked by #24

Establish Multi-Factor Authentication to AWS users #22

JasonEb opened this issue Feb 21, 2023 · 3 comments
Labels
complexity: medium feature: security role: security engineer size: 3pt Can be done in 13-18 hours
Milestone
02 security

Comments

@JasonEb
Copy link

JasonEb commented Feb 21, 2023
edited by sudhara
Loading

Overview

As developers and infrastructure engineers, we would like to establish Multi-Factor Authentication(MFA) to our AWS account for new users.

Currently, no MFA is enforced except for those who opted in. We would like to improve our security by enforcing MFA and creating a Ops wiki guide to demonstrate how to use MFA.

Action Items

  • Determine intial MFA requirements (ask the people on the ground what an ideal continuity plan looks like) and do a writeup.
  • present the write-up with the Ops CoP
  • Explore AWS and 1 Password MFA options
  • Make a written recommendation on how to manage MFA on the AWS IAM side
  • Get sign off
  • Create MFA Usage guide
  • may have to create an additional Templates/Guides issue for this item

Resources/Instructions

Resources
@JasonEb JasonEb mentioned this issue Mar 8, 2023
Closed
@bbelot bbelot self-assigned this Mar 9, 2023
@chelseybeck
Copy link
Member

chelseybeck commented Mar 3, 2024
edited
Loading

We should re-create this as a new issue in the devops-security repo where this is added via terraform configuration...perhaps also separate into two issues - one for creating the guide and one for adding permissions & policy enforcements

@robinglov robinglov mentioned this issue Mar 22, 2024
Open
@ExperimentsInHonesty ExperimentsInHonesty transferred this issue from hackforla/ops Mar 28, 2024
@chelseybeck
Copy link
Member

@samuelusc volunteered to rewrite this issue specific to Terraform

@samuelusc samuelusc self-assigned this Apr 25, 2024
@justinPemberton justinPemberton mentioned this issue Apr 25, 2024
Open
16 tasks
@samuelusc samuelusc removed their assignment Apr 25, 2024
@github-project-automation github-project-automation bot moved this to New Issue Review in CoP: DevOps: Project Board Jun 27, 2024
@sudhara sudhara modified the milestones: team workflow, security Aug 27, 2024
@sudhara
Copy link
Member

sudhara commented Aug 27, 2024

Is this issue okay as-is or does it need to be rewritten, now that we are using Infrastructure as code for incubator vs GUI interface?

@ale210 ale210 moved this from New Issue Review to Prioritized Backlog in CoP: DevOps: Project Board Sep 26, 2024
@ale210 ale210 added the good first issue Good for newcomers label Sep 26, 2024
@sudhara sudhara removed the good first issue Good for newcomers label Oct 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
complexity: medium feature: security role: security engineer size: 3pt Can be done in 13-18 hours
Projects
CoP: DevOps: Project Board
Status: Prioritized Backlog
Milestone
02 security
Development

No branches or pull requests
7 participants
@ale210 @JasonEb @sudhara @bbelot @ExperimentsInHonesty @chelseybeck @samuelusc