Detecting Failed Sign In Attempts to AWS and Alerting

Note: This content was originally published at the Simple AWS newsletter.

Imagine this scenario: You're careful with security, and you set up Multi-Factor Authentication for your AWS IAM or IAM Identity Center user. At one point, a malicious agent of evilness figures out your password, either via phishing, keylogging, or any other technique. The only thing standing between them and $50k in bitcoin mined on your AWS account (and the $500k AWS bill paid with your credit card) is …

agent alerting authentication aws center devops factor iam identity keylogging malicious multi-factor multi-factor authentication newsletter password phishing point scenario security sign simple tutorial