
AWS Security Checklist for DevSecOps

Table of contents

  1. Enable multi-factor authentication (MFA)
  2. Set a strong password policy
  3. Enable advanced security features
  4. Limit the number of devices a user can remember
  5. Set a session timeout for your user pool
  6. Enable account recovery method
  7. Monitor and log all sign-in and sign-out events
  8. Restrict access to your user pool only from certain IP ranges

A list of some AWS best practices for DevSecOps

Enable multi-factor authentication (MFA)

aws cognito-idp set-user-mfa-preference

Set a strong password policy

aws cognito-idp update-user-pool

Enable advanced security features

aws cognito-idp update-user-pool --user-pool-add-ons AdvancedSecurityMode=ENFORCED

Limit the number of devices a user can remember

aws cognito-idp update-user-pool --device-configuration DeviceOnlyRememberedOnUserPrompt=true

Set a session timeout for your user pool

aws cognito-idp update-user-pool-client

Enable account recovery method

aws cognito-idp update-user-pool --account-recovery-setting 'RecoveryMechanisms=[{Priority=1,Name=verified_email}]'

Monitor and log all sign-in and sign-out events

aws cognito-idp set-log-delivery-configuration

Restrict access to your user pool only from certain IP ranges

aws wafv2 associate-web-acl --web-acl-arn <web-acl-arn> --resource-arn <user-pool-arn>
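
An added example, not part of the original checklist: a Python audit that reads the JSON printed by aws cognito-idp describe-user-pool and reports which of items 1, 2, 3, 4 and 6 are unmet. The sample pool, the 12-character minimum and the function name audit_user_pool are assumptions made for the example.

```python
import json

# Constructed sample shaped like `aws cognito-idp describe-user-pool` output.
SAMPLE = json.loads("""
{"UserPool": {
  "Id": "us-east-1_EXAMPLE",
  "MfaConfiguration": "OPTIONAL",
  "Policies": {"PasswordPolicy": {"MinimumLength": 8, "RequireUppercase": true,
      "RequireLowercase": true, "RequireNumbers": true, "RequireSymbols": false}},
  "UserPoolAddOns": {"AdvancedSecurityMode": "AUDIT"},
  "DeviceConfiguration": {"ChallengeRequiredOnNewDevice": false,
      "DeviceOnlyRememberedOnUserPrompt": false},
  "AccountRecoverySetting": {"RecoveryMechanisms":
      [{"Priority": 1, "Name": "verified_email"}]}
}}
""")

MIN_LENGTH = 12  # assumed baseline for this example, not an AWS default
CLASSES = ("RequireUppercase", "RequireLowercase", "RequireNumbers", "RequireSymbols")


def audit_user_pool(description, min_length=MIN_LENGTH):
    """Return (check, detail) findings for checklist items 1, 2, 3, 4 and 6."""
    pool = description.get("UserPool", {})
    findings = []
    mfa = pool.get("MfaConfiguration", "OFF")
    if mfa != "ON":  # OPTIONAL leaves enrolment up to each user
        findings.append(("mfa", f"MfaConfiguration is {mfa}, so MFA is not required"))
    pw = pool.get("Policies", {}).get("PasswordPolicy", {})
    if pw.get("MinimumLength", 0) < min_length:
        findings.append(("password_length", f"MinimumLength below {min_length}"))
    missing = [c for c in CLASSES if not pw.get(c)]
    if missing:
        findings.append(("password_classes", "not enforced: " + ", ".join(missing)))
    mode = pool.get("UserPoolAddOns", {}).get("AdvancedSecurityMode", "OFF")
    if mode != "ENFORCED":  # AUDIT only records risk, it does not act on it
        findings.append(("advanced_security", f"AdvancedSecurityMode is {mode}"))
    device = pool.get("DeviceConfiguration")
    if device and not device.get("DeviceOnlyRememberedOnUserPrompt", False):
        findings.append(("device_remembering", "devices are remembered without user opt-in"))
    recovery = pool.get("AccountRecoverySetting", {}).get("RecoveryMechanisms", [])
    if not recovery:
        findings.append(("account_recovery", "no recovery mechanism is configured"))
    return findings


if __name__ == "__main__":
    for check, detail in audit_user_pool(SAMPLE):
        print(f"FAIL {check}: {detail}")
```

update-user-pool resets any setting left out of the call to its default, so re-run the audit after every change to the pool.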