How to allow IAM users to setup their own virtual MFA devices

Posted by Ali on Server Fault See other posts from Server Fault or by Ali
Published on 2014-06-07T16:04:26Z Indexed on 2014/06/08 15:30 UTC
Read the original article Hit count: 362

Filed under:

amazon-web-services

|

amazon-iam

I want to let my IAM users to setup their own MFA devices, through the console, is there a single policy that I can use to achieve this?

So far I can achieve this through a number of IAM policies, letting them list all mfa devices and list users (so that they can find themselves in the IAM console and ...

I am basically looking for a more straight forward way of controlling this.

I should add that my IAM users are trusted users, so I don't have to (although it will be quite nice) lock them down to the minimum possible, so if they can see a list of all users that is ok.

© Server Fault or respective owner

Related posts about amazon-web-services

amazon web services and sql server support

as seen on Server Fault - Search for 'Server Fault'
Hi All, I have built my application using sql server 2008 and .net framework 3.5 I am looking for a sclable hosting service and have come to think of amazon web services. Does amazon also support hosting of sql server 2008 databases? What hosting services do you advise Thank you. >>> More
Unable to list owned images and running instances from Amazon Web Services using Zend Framework

as seen on Stack Overflow - Search for 'Stack Overflow'
I am using Zend Framework's library to manage EC2 instances and AMI. However I can't list the AMI's I own and can't list existing EC2 instances. $ec2Instance = new Zend_Service_Amazon_Ec2_Instance($awsAccessKey, $awsSecretKey); $instances = $ec2Instance ->describe(); $ec2Instance -describe()… >>> More
Amazon Web services - retrieving a wishlist

as seen on Stack Overflow - Search for 'Stack Overflow'
I've been tinkering with Yahoo Pipes and the Amazon E-Commerce Service (ECS) SDK to retrieve my wishlist. The problem is that although I can get all the items on my wishlist just fine, it seems to include items that I've deleted too. Has anyone else used this API and noticed this? Is there a way… >>> More
Amazon Web Services: A Developer Primer

as seen on Internet.com - Search for 'Internet.com'
With Amazon Web Services (AWS), developers get both scalable services that they can use to architect their applications and the flexibility to run any software on Amazon's compute cloud. >>> More
amazon web services

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, Has anyone of you worked on amazon web services? I just wanted to retrieve the citations of a given book. Is this possible using the aws? Is aws free? Thanks. >>> More

Related posts about amazon-iam

How can I manage AWS VPC ssh access accounts and keys across multiple instances?

as seen on Server Fault - Search for 'Server Fault'
I am setting up a standard AWS VPC structure: a public subnet some private subnets, hosts on each, ELB, etc. Operational network access will be via either an ssh bastion host or an openvpn instance. Once on the network (bastion or openvpn), admins use ssh to access the individual instances. From… >>> More
How to allow IAM users to setup their own virtual MFA devices

as seen on Server Fault - Search for 'Server Fault'
I want to let my IAM users to setup their own MFA devices, through the console, is there a single policy that I can use to achieve this? So far I can achieve this through a number of IAM policies, letting them list all mfa devices and list users (so that they can find themselves in the IAM console… >>> More
AWS EC2 - How to specify an IAM role for an instance being launched via awscli

as seen on Server Fault - Search for 'Server Fault'
I am using the "aws ec2 run-instances" command (from the awscli package) to launch an instance in AWS EC2. I want to set an IAM role on the instance I am launching. The IAM role is configured and I can use it successfully when launching an instance from the AWS web UI. But when I try to do this… >>> More
What are the steps needed to set up and use security for AWS command line tools?

as seen on Server Fault - Search for 'Server Fault'
I've been trying to set up the AWS command-line tools following Eric's most useful guide at http://alestic.com/2012/09/aws-command-line-tools. I can't seem to find a good how-to for how to generate the x509 certificate and private key, and how that relates to the various security files the guide… >>> More