Introduction
In this blog, we're going to learn about multi-factor authentication through identity access management. This is one of the most important AWOL services. Multi-factor authentication is an authentication method in which the user will get access only after successfully presenting two or more pieces of evidence to an authentication mechanism.
Step 1:
Go to AWS Management Console and select IAM service under the Security, Identity and Compliance section. Please check the below figure.
Step 2:
On a click of the IAM option, we will get the below page.
Step 3:
The very first thing we're going to do is activate multi-factor authentication or MFA on our route account. You might be thinking, what is a route account? A route account is just the username of the email address that you first signed up with AWOL. This route account is not secure because it does have god mode access. So what you want to do is enable multi-factor authentication. If someone steals your username and password, they will not be able to log in without multi-factor authentication. To enable MFA please click on Activate MFA on your root account option. Please check the below figure.
Step 4:
Click on the Manage MFA button and click on the continue security credentials button then we can see Activate MFA option. Please check the below figure.
Click on the ActivateMFA button and here you will get the three different types you've got virtual MFA. Please check the below figure.
I would just use the virtual MFA and you can download the Google Authenticator app and you can do that on the Google Play Store or on the Apple App Store so just type in Google Authenticator. Once you've downloaded that, go ahead and continue. I'm going to go ahead and hit click here to show the QR code.
Now what I would do before you open that app is to take a photo of this QR code and store it somewhere safe. That means that if you lose your multi-factor authentication device or if you lose your phone for example. So long as you have access to this QR code you can always re-enable MFA and you don't have to worry about contacting the AWS support team. Once you've installed Google Authenticator on your phone you'll see a screen that looks similar to this you might not have any authentication codes in there.
Step 5:
Now enter your MFI codes here.
Then click on the Assign MFA button to enable virtual MFA. Then come back to the landing page now you can see MFA is activated. Please check the below figure.
Summary:
What we learned so far:
- IAM and Root account
- Multi-factor Authentication set up for AWS account
I hope that you find it helpful.
Eat->Code->Sleep->Repeat.