How to enable MFA Delete on a bucket using a Lambda function and include it in Terraform


I am using Terraform code to do deployments in AWS. My requirement is that I have to enable MFA Delete on an S3 bucket using Terraform.

From my analysis, I found no support for it in the CloudFormation template, so I thought to proceed with a Lambda function and include it in the CloudFormation template of the S3 bucket.

But here I noticed a problem: to enable MFA, we must use the root account access key and secret key, and also the MFA OTP. How can this be achieved in a Lambda function? Can anybody advise me?

Or else, if there is a better suggestion for my scenario, please let me know.

Asked 2 months ago, 178 views
1 Answer

Hi. Using the root account credentials and MFA in a Lambda function is generally not recommended, as it goes against the principle of least privilege and secure access management practices. Instead, you can achieve the same goal by following the AWS recommended approach, which involves using an AWS Identity and Access Management (IAM) role with the necessary permissions to enable MFA Delete on the S3 bucket.

AWS
Answered 2 months ago
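
The S3 API call this thread is about, as an added example that is not part of the original question or answer: it builds the `MFA` value (device serial, a space, then the six-digit code) for `put_bucket_versioning` and reads the setting back with `get_bucket_versioning`. The function names are hypothetical, and the injected client is assumed to be created from credentials that S3 accepts for changing MFA Delete (the question identifies these as the root account's).

```python
"""Enable and verify S3 MFA Delete through an injected S3 client (added example)."""
import re


def build_mfa_header(serial: str, code: str) -> str:
    """Return the value S3 expects in the MFA parameter: '<serial> <code>'."""
    serial = serial.strip()
    if not serial or " " in serial:
        raise ValueError("MFA device serial/ARN must be a single token")
    if not re.fullmatch(r"\d{6}", code):
        raise ValueError("MFA code must be exactly six digits")
    return f"{serial} {code}"


def mfa_delete_enabled(s3, bucket: str) -> bool:
    """True only if versioning and MFA Delete are both reported as Enabled."""
    resp = s3.get_bucket_versioning(Bucket=bucket)
    # Both keys are absent from the response if versioning was never configured.
    return resp.get("Status") == "Enabled" and resp.get("MFADelete") == "Enabled"


def enable_mfa_delete(s3, bucket: str, serial: str, code: str) -> bool:
    """Turn on versioning and MFA Delete, then read the setting back."""
    if mfa_delete_enabled(s3, bucket):
        return True  # already set; do not spend a one-time code
    s3.put_bucket_versioning(
        Bucket=bucket,
        MFA=build_mfa_header(serial, code),
        VersioningConfiguration={"Status": "Enabled", "MFADelete": "Enabled"},
    )
    return mfa_delete_enabled(s3, bucket)


if __name__ == "__main__":
    import getpass
    import sys

    import boto3  # imported here so the helpers above load without the SDK

    bucket, serial = sys.argv[1], sys.argv[2]
    code = getpass.getpass("MFA code: ")  # prompt for the OTP; never store it
    ok = enable_mfa_delete(boto3.client("s3"), bucket, serial, code)
    print("MFA Delete enabled" if ok else "MFA Delete NOT enabled")
    sys.exit(0 if ok else 1)
```

Because the code is a one-time value typed at the prompt, the script is meant to be run interactively, with the bucket name and MFA device serial as its two arguments.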
