Use AWS Orgs
What’s AWS SSO called now?
- AWS Identity Center: Includes on-prem capability
What’s AWS Identity Center do?
- Syncs with Active Directory and such
How can you implement AWS security best practice for root/admin?
- Don’t use root accounts often
How to set max permissions that an identity-based policy can grant an IAM entity?
- Create a permissions boundary