SecureAnyCloud
Golden Images
  • About SecureAnyCloud
  • AWS CFT for WAMP with Aurora
    • Introduction
      • Overview
      • Resources
      • High Availability
      • Deployment time
    • Architecture
    • Getting Started
      • Pre-Requisites
    • Configuration
      • Service Limits
      • Network Configuration
      • Backup, maintenance & recovery
        • DR Strategy
    • After deployment
      • Support
      • SLA
      • Health Check
      • Auto-Scaling
    • Security Best Practices
      • Security for Amazon Aurora
        • Encryption
      • AWS EC2 Security
      • Secrets Management
        • Rotating Keys
      • Public Assets
    • Instance Sizing
    • Costing
  • CFT: Secured WAMP With Aurora - Windows 2016
  • MySql Change Password
  • PHP on cloud
  • [Stack_Name]
Powered by GitBook
On this page

Was this helpful?

  1. AWS CFT for WAMP with Aurora

Security Best Practices

PreviousAuto-ScalingNextSecurity for Amazon Aurora

Last updated 4 years ago

Was this helpful?

Use IAM to control access

IAM is an AWS service that you can use to manage users and their permissions in AWS.

Users require full access to manage all of the resources in a template.

AWS CloudFormation makes calls to create, modify, and delete those resources on their behalf. To separate permissions between a user and the AWS CloudFormation service, use a service role. AWS CloudFormation uses the service role's policy to make calls instead of the user's policy.

To deploy this product IAMRoleForStackCreation is required for the user

For more information, see .

Follow the principle of least privilege as described in this

AWS CloudFormation service role
link