From Govardhana Miriyala Kannaiah.
Each practice enhances cloud access control and security framework
𝟭. 𝗣𝗿𝗶𝗻𝗰𝗶𝗽𝗹𝗲 𝗼𝗳 𝗟𝗲𝗮𝘀𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲 (𝗣𝗼𝗟𝗣): Grant minimal necessary permissions to users, avoiding broad access to prevent security risks and breaches
𝟮. 𝗠𝘂𝗹𝘁𝗶-𝗙𝗮𝗰𝘁𝗼𝗿 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 (𝗠𝗙𝗔): Enable MFA for all users, adding an extra security layer with identity verification beyond passwords
𝟯. 𝗣𝗲𝗿𝗺𝗶𝘀𝘀𝗶𝗼𝗻 𝗕𝗼𝘂𝗻𝗱𝗮𝗿𝗶𝗲𝘀: Leverage permission boundaries for delegated permissions management within an account
𝟰. 𝗦𝗶𝗻𝗴𝗹𝗲 𝗦𝗶𝗴𝗻-𝗢𝗻 (𝗦𝗦𝗢): Manages user identities across multiple cloud services, simplifying provisioning, deprovisioning, and ensuring consistent access control
𝟱. 𝗦𝘁𝗿𝗼𝗻𝗴 𝗣𝗮𝘀𝘀𝘄𝗼𝗿𝗱 𝗣𝗼𝗹𝗶𝗰𝗶𝗲𝘀:
𝟲. 𝗦𝗲𝗰𝗿𝗲𝘁𝘀 𝗥𝗼𝘁𝗮𝘁𝗶𝗼𝗻: Periodically rotate access keys and credentials, such as API keys and secret keys to minimize unauthorized access risks
𝟳. 𝗥𝗼𝗹𝗲 𝗕𝗮𝘀𝗲𝗱 𝗔𝗰𝗰𝗲𝘀𝘀 𝗖𝗼𝗻𝘁𝗿𝗼𝗹 (𝗥𝗕𝗔𝗖): Use RBAC for streamlined access management and appropriate permissions based on predefined roles and responsibilities
𝟴. 𝗙𝗲𝗱𝗲𝗿𝗮𝘁𝗶𝗼𝗻: Enables secure, temporary access delegation to users from external identity providers, granting resource utilization without permanent credentials
𝟵. 𝗔𝗰𝘁𝗶𝘃𝗶𝘁𝘆 𝗟𝗼𝗴𝗴𝗶𝗻𝗴 𝗮𝗻𝗱 𝗠𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴: Improves visibility into user actions, aiding in detection of suspicious or unauthorized activities
𝟭𝟬. 𝗣𝗲𝗿𝗶𝗼𝗱𝗶𝗰 𝗥𝗲𝘃𝗶𝗲𝘄 𝗮𝗻𝗱 𝗔𝘂𝗱𝗶𝘁: