By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to Stop someone from accessing the lightsail Instance.

0

someone is able to access lightsail instances using a non-existent username how to resolve this problem? (the username used is "admin-d" ?) I was able to check it through cloudtrail logs. This user name doesn't exist in the aws iam users and I am concerned that there might be leaks within my account. How to resolve any security lapses within my account.

Topics
ComputeSecurity, Identity, & ComplianceManagement & GovernanceAWS Well-Architected Framework
Tags
Amazon LightsailSecurity, Identity, & ComplianceAWS Identity and Access ManagementAWS CloudTrailSecurity
Language
English
AWS-User-1518540
asked 2 years ago457 views
2 Answers
0

Hi, If you have not received any notifications from AWS stating that there has been unintended access to your AWS resources, then you may have resources within your account that have been inadvertently created with LightSail permissions.

As you have stated that this may not be the case, best practices state that you may need to Rotate and delete all your AWS access keys, rotate any potentially unauthorized IAM user credentials, delete unrecognized/unauthorized resources, and/or Verify the security of your account information.

Create an IAM policy that grants access to LightSail, then create an IAM group and attach the policy to the group. Then you can create IAM user you want to give access and make them members of a group which gives them access to LightSail.

You can also refer to these articles for detailed information: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-managing-access-for-an-iam-user https://aws.amazon.com/premiumsupport/knowledge-center/potential-account-compromise/

For future reference: If you believe that there has been potentially unwanted activity on your AWS account, you can enable Amazon GuardDuty for monitoring and detecting any unrecognized activity within your AWS account.

Brensophab
answered 2 years ago
0

Hello,

Thank you for reaching out to AWS re:Post. I understand that you are having an issue with unauthorized access in your Lightsail instance.

I recommend these 3 steps to your Lightsail instance. Create an IAM policy for Lightsail access -> Create an IAM group for Lightsail access and attach the Lightsail access policy just created -> Create an IAM user and add the user to the Lightsail access group. I have attached a link that goes more in detail regarding practice.[1]

There also specific steps you can take regarding safety that depend on the work you are doing in Lightsail. I recommend taking a more in-depth look at this link, which goes over different access management practices you can use with Lightsail.[2]

Please contact if you have any further questions, and feel free to reach out to us via a support case to facilitate a discussion on the specifics of your resources.

[1] Access management - https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-managing-access-for-an-iam-user

[2] IAM management - https://lightsail.aws.amazon.com/ls/docs/en_us/articles/security_iam

Praneetha_G
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content