SEC 1: How do you manage credentials and authentication?

Credentials and authentication mechanisms include passwords, tokens, and keys that grant access directly or indirectly in your workload. Protect credentials with appropriate mechanisms to help reduce the risk of accidental or malicious use.

Resources

AWS re:Invent IAM Best Practices
The AWS Account Root User
IAM Best Practices

Best Practices:

Improvement Plan

Define credential and authentication management requirements
Define requirements that will help you manage credentials and authentication in your workload.

Protect AWS accounts

Secure credentials

Use services and tools

Resources from partners
Access & Control
Infrastructure Software/Security