By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How to enable mfa bucket delete using lambda function and include on terraform

0

I am using terraform code for doing deployment in aws. My requirement is i have to enable MFA delete on s3 bucket using terraform.

As analyze found no support on cloudformation template. So thought to proceed to use lambda function and include on cloudformation template of s3 bucket

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3-bucket.html

But here noticed the problem, for enabling mfa we must use root account access key and secretkey and also mfa otp. How to achieve in lambda function. Can anybody suggest me.

Or else any best suggestion for my scenario, please let me know

Topics
ServerlessComputeManagement & Governance
Tags
AWS LambdaAWS CloudFormationTerraform
Language
English
Subha
asked a year ago324 views
1 Answer
0

Hi. Using the root account credentials and MFA in a Lambda function is generally not recommended, as it goes against the principle of least privilege and secure access management practices. Instead, you can achieve the same goal by following the AWS recommended approach, which involves using an AWS Identity and Access Management (IAM) role with the necessary permissions to enable MFA Delete on the S3 bucket.

profile pictureAWS
StefanoB
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content