Enabling a FIDO Security Key (Console)

By Ashwin Venugopal -

 





To Enable a FIDO Security Key for Your Own IAM User (Console)

  • In order to sign-in to your IAM console, you can use your AWS account ID or account alias, your account IAM username, and your password.

  • You can choose your username and then My Security Credentials, in the navigation bar on the upper right.

  • Select Manage MFA Device in the MFA section on the AWS IAM Credentials tab.

  • Choose FIDO Security Key and then Continue in the Manage MFA device wizard,

  • Now insert the FIDO security key into your computer's USB port.

  • Tap the FIDO2 security key, and then choose Close when the setup is complete.

To Enable a FIDO Security Key for Another IAM User (Console)

  • You have to sign-in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/.

  • Choose Users in the navigation pane.

  • Now select the username to enable an MFA, and then the Security Credentials tab.

  • Choose Manage near the Assigned MFA device.

  • After that select the FIDO Security Key, and then Continue in the Manage MFA device wizard.

  • Insert the FIDO security key into your computer's USB port.

  • Lastly, tap the FIDO security key, and then Close when the setup is complete.


To Enable a FIDO Key for Your Root User (Console)

  • You have to sign-in to the IAM console as the account owner via Root user and enter your AWS account email address. Type your password on the next page.

  • Now select your account name and then My Security Credentials on the right side of the navigation bar. Select Continue to Security Credentials if necessary.

  • Expand the MFA section.

  • After that select Manage or Activate MFA, according to your preceding step.

  • Choose FIDO Security Key and then Continue in the wizard.

  • Insert the FIDO security key into your computer's USB port.

  • Lastly, tap the FIDO security key, and then Close when the setup is complete.











































Comments

Post a Comment

Popular posts from this blog

Information Protection Scanner: Resolve Issues with Information Protection Scanner Deployment

By Ashwin Venugopal -
Image
  About If you are experiencing problems with the Microsoft Purview Information Protection scanner, check the health of your deployment by utilizing the Start-ScannerDiagnosticsPowerShell cmdlet to start the scanner diagnostic tool. The diagnostics tool checks the following details and then creates a log files with the results: Whether the database is up to date. Whether network URLs are accessible. Whether there's a valid authentication token and policy can be acquired. Whether the profile is defined in the Azure portal. Whether offline/online configuration exists and can be acquired. Whether the rules configured are valid.  The Start-ScannerDiagnostics command does not perform a comprehensive check of prerequisites. If you encounter problems with the scanner, you need to verify that your system meets the scanner's requirements, and that your scanner's configuration and installation are finished.  Verify Scanning Details Per Scanner Node and Repository Run the Get-ScanSt...
Read more

How AMI Store & Restore Works?

By Ashwin Venugopal -
Image
  CreateStoreImageTask The CreateStoreImageTask API stores an AMI as a single object in an S3 bucket. The API initiates a task that collects all the data from the AMI and its associated snapshots, subsequently using an S3 multipart upload to store this data in an S3 object. It gathers all elements of the AMI, including most of the non-Region-specific metadata and all EBS snapshots included in the AMI, and consolidates them into a single object in S3. During the upload process, the data is compressed to minimize the space utilized in S3, which means that the S3 object could be smaller than the total sizes of the snapshots in the AMI. If the account making this API call has access to AMI and snapshot tags, they will be retained. The S3 object shares the same ID as the AMI, except it has a .bin extension. Additionally, the S3 metadata tags for the object include the AMI name, AMI description, AMI registration date, AMI owner account, and a timestamp indicating when the store operation...
Read more

Create A Store Image Task

By Ashwin Venugopal -
Image
  Introduction When you save an AMI in an S3 bucket, a task for storing the image is initiated. This store image task allows you to track the progress and result of the procedure. Securing your AMIs It is crucial to verify that the S3 bucket is set up with adequate security to protect the content of the AMI and that this security is upheld for the entire duration that the AMI objects are stored in the bucket. If this cannot be achieved, it is advisable to refrain from using these APIs. Make sure that public access to the S3 bucket is prohibited. It is suggested to activate Server-side encryption for the S3 buckets where you keep the AMIs, even though it’s not mandatory. When AMI snapshots are transferred to the S3 object, they are sent over TLS connections. It is possible to save AMIs that contain encrypted snapshots; however, the snapshots will be decrypted during the storing process. Identify the source AMI used to create a new Amazon EC2 AMI You can determine the AMI that was us...
Read more