Overview
Customers often require detailed information about the password parameters in place for EngineYard, specifically regarding password complexity, history, expiration, and account lockout threshold. This information is crucial for auditing purposes.
The key areas of interest include how EngineYard manages access to instances and the user interface, the encryption standards used for SSH keys, the policy on password expiration and account lockouts, and the frequency of credential rotation for connecting to AWS.
Solution
EngineYard manages access to instances through SSH keys:
- Customers provide and manage their own keys, while the platform manages the internal ones.
- These internal keys are per-instance and tied to the lifetime of the instance.
- The SSH keys are created using RSA, with a length of 4096 bits.
For access to the EngineYard User Interface (UI):
- Customers create and manage their own passwords.
- EngineYard does not enforce password expiration, nor does it lock out customers.
- Two-factor authentication is available for customers to enable at their discretion.
The credentials used by the EngineYard Platform to connect to AWS are rotated every 90 days.
Summary
EngineYard uses SSH keys for instance access and allows customers to manage their own passwords for the UI. It does not enforce password expiration or account lockouts, but offers two-factor authentication. The platform's AWS connection credentials are rotated every 90 days.
FAQ
Q: How does EngineYard manage access to instances?
A: EngineYard manages access to instances through SSH keys. Customers provide and manage their own keys, while the platform manages the internal ones.
Q: What is the policy on password expiration and account lockouts in EngineYard?
A: EngineYard does not enforce password expiration, nor does it lock out customers. However, two-factor authentication is available for customers to enable at their discretion.
Q: How often are the credentials used by the EngineYard Platform to connect to AWS rotated?
A: The credentials used by the EngineYard Platform to connect to AWS are rotated every 90 days.
Comments
Article is closed for comments.