AWS Permissions Guidelines
Page last updated:
Pivotal recommends that you minimize the use of admin-level account credentials by creating an IAM role and instance profile with the minimum required EC2, VPC, and EBS credentials.
In addition, Pivotal recommends that you follow AWS account security best practices such as disabling root keys, using multi-factor authentication on the root account, and using CloudTrail for auditing API actions.
For more Amazon-specific best practices, refer to the following Amazon documentation: