- Newest
- Most votes
- Most comments
Hi, If you have not received any notifications from AWS stating that there has been unintended access to your AWS resources, then you may have resources within your account that have been inadvertently created with LightSail permissions.
As you have stated that this may not be the case, best practices state that you may need to Rotate and delete all your AWS access keys, rotate any potentially unauthorized IAM user credentials, delete unrecognized/unauthorized resources, and/or Verify the security of your account information.
Create an IAM policy that grants access to LightSail, then create an IAM group and attach the policy to the group. Then you can create IAM user you want to give access and make them members of a group which gives them access to LightSail.
You can also refer to these articles for detailed information: https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-managing-access-for-an-iam-user https://aws.amazon.com/premiumsupport/knowledge-center/potential-account-compromise/
For future reference: If you believe that there has been potentially unwanted activity on your AWS account, you can enable Amazon GuardDuty for monitoring and detecting any unrecognized activity within your AWS account.
