Enable MFA (Multi-Factor Authentication) On Your Root AWS Account

This post will be the start of an AWS Account Setup series for startups that just received AWS credits.

The first thing you should do when setting up a new AWS Account is to enable multi-factor authentication (MFA) for the root AWS account.

The root AWS account is the initial account created when you sign up for AWS and has complete access to all AWS services and resources in the account. It is the most privileged user in an AWS account hierarchy and should be used sparingly, with Multi-Factor Authentication (MFA) enabled, and only for tasks that require root-level permissions.

Aim to register multiple MFA keys for your root AWS account in case one gets lost or stolen. There’s a limit of 8 MFA devices per AWS user account.

Here’s a link to AWS documentation on how to set up MFA.
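One way to verify the result afterwards, as an added example that is not part of the original post: the script below reads an IAM credential report (the CSV that `aws iam get-credential-report` returns once base64-decoded) and flags a root user without MFA or with a recent console sign-in. The sample rows, the account ID, the function name and the 30-day threshold are constructed assumptions, and the sample keeps only a subset of the report's columns.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

ROOT = "<root_account>"  # name of the root user's row in the credential report

def audit_root(report_csv, now, recent_days=30):
    """Return findings for the root row of an IAM credential report (CSV text)."""
    rows = {r["user"]: r for r in csv.DictReader(io.StringIO(report_csv))}
    root = rows.get(ROOT)
    if root is None:
        return ["root row missing: report is incomplete or truncated"]
    findings = []
    # mfa_active is the literal string "true" or "false" in the report.
    if root["mfa_active"].strip().lower() != "true":
        findings.append("root has no MFA device enabled")
    # password_last_used is an ISO 8601 timestamp, or a marker when unknown.
    last_used = root["password_last_used"].strip()
    if last_used not in ("no_information", "N/A"):
        age = now - datetime.fromisoformat(last_used)
        if age < timedelta(days=recent_days):
            findings.append(
                f"root console sign-in {age.days} day(s) ago: "
                "confirm the task required root"
            )
    return findings

# Constructed sample data (hypothetical threshold: 30 days is an assumption).
HEADER = "user,arn,user_creation_time,password_enabled,password_last_used,mfa_active\n"
SAMPLE_BAD = HEADER + (
    "<root_account>,arn:aws:iam::111122223333:root,2024-01-02T09:00:00+00:00,"
    "not_supported,2024-03-10T08:15:00+00:00,false\n"
)
SAMPLE_GOOD = HEADER + (
    "<root_account>,arn:aws:iam::111122223333:root,2024-01-02T09:00:00+00:00,"
    "not_supported,no_information,true\n"
)
NOW = datetime(2024, 3, 15, tzinfo=timezone.utc)  # fixed so the sample is repeatable

if __name__ == "__main__":
    for name, report in (("bad", SAMPLE_BAD), ("good", SAMPLE_GOOD)):
        print(name, audit_root(report, NOW) or "no findings")
```

The credential report only records whether MFA is active, not how many devices are registered, so having a second key still has to be confirmed in the console.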

