To create a secure baseline, we will follow the CIS Foundation benchmark recommendations. The recommendations fall into four main categories:
- Identity and Access Management
- Logging
- Monitoring
- Networking
We will change configuration in each of the four broad sections above to harden our new AWS account. The CIS benchmarks provide a list of rules, or configuration checks, that we can run to determine whether our account is secure enough.
To perform the audit and make changes, we need an account with administrative privileges. We will use the root account to create another account called `security-auditor` or `iamadmin` and create access keys for the account. We will use `AWS-CLI` for most of the audit that we do.