Developer Employee Transitions When You're an AWS Shop

source link: https://fuzzyblog.io/blog/aws/2017/03/14/developer-employee-transitions-when-you-re-an-aws-shop.html

Mar 14, 2017

So I find myself advising a former employer on how to lock out an employee with fairly pervasive access (and, yes, I am the employee). Here was my advice:

  1. The safest option would be to move to whitelisting all IP addresses needed for SSH login. That would be an absolute ban on any incoming SSH logins from the old employee and, while inconvenient, is a wonderful means to lock down a system.
  2. Re-issue a new SSH PEM file.
  3. Delete the old SSH PEM file on your machine and then verify login to at least 2 systems with the new PEM file. I'd make sure to verify access to the primary DB server using the new PEM file, but that's just me.
  4. De-authorize the old PEM file.
  5. Delete the API keys that the employee had access to. Make sure that you delete them in all regions where they were valid.
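
A way to check steps 1 and 4 after the fact, as an added example that is not from the original post: the first function reads the JSON that `aws ec2 describe-security-groups` prints and reports any rule that still lets SSH in from outside the whitelist, and the second finds `authorized_keys` lines that still carry the old public key. The group ids, CIDRs, key blobs and function names are constructed for the illustration.

```python
import ipaddress
import json

def ssh_open_outside_allowlist(describe_sg_json, allowed_cidrs):
    """Return (GroupId, cidr) for each ingress rule that reaches TCP 22 from a
    source not inside the allowlist. Rules that reference other security
    groups or prefix lists are not evaluated here."""
    allowed = [ipaddress.ip_network(c, strict=False) for c in allowed_cidrs]
    findings = []
    for sg in json.loads(describe_sg_json)["SecurityGroups"]:
        for perm in sg.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            # "-1" means every protocol and port; otherwise 22 must be in range.
            if proto != "-1" and not (
                proto == "tcp" and perm.get("FromPort", 0) <= 22 <= perm.get("ToPort", 65535)
            ):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                net = ipaddress.ip_network(cidr, strict=False)
                if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
                    findings.append((sg["GroupId"], cidr))
    return findings

def lines_still_holding_key(authorized_keys_text, old_key_blob):
    """Return 1-based line numbers of authorized_keys entries whose base64 key
    field equals the old public key."""
    return [n for n, line in enumerate(authorized_keys_text.splitlines(), 1)
            if not line.lstrip().startswith("#") and old_key_blob in line.split()]

# Constructed sample input: group ids, CIDRs (documentation ranges) and key
# blobs are made up for this example.
SAMPLE_SG = json.dumps({"SecurityGroups": [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "203.0.113.0/24"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-example-db", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "198.51.100.7/32"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]}]})
SAMPLE_AUTHORIZED_KEYS = ("ssh-rsa AAAAB3OLDKEYCONSTRUCTED former-employee\n"
                          "ssh-ed25519 AAAAC3NEWKEYCONSTRUCTED ops-rotated\n")
ALLOWED = ["203.0.113.0/24", "198.51.100.0/24"]

if __name__ == "__main__":
    print(ssh_open_outside_allowlist(SAMPLE_SG, ALLOWED))
    print(lines_still_holding_key(SAMPLE_AUTHORIZED_KEYS, "AAAAB3OLDKEYCONSTRUCTED"))
```

Deleting a key pair in the EC2 console does not remove its public key from instances that are already running, which is why the second check reads `authorized_keys` on the hosts themselves.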

Posted In: #aws #management