We take your security very seriously.
All network connections in to and out of the Skeddly network uses HTTPS and SSL. So any sensitive data is encrypted as it travels through the internet. This includes:
All sensitive data is encrypted using AES-256 encryption while the data is "at rest". This is the same encryption that Amazon uses to encrypt S3 data and RDS databases while "at rest".
For the security of your Skeddly accounts, we recommend using multi-factor authentication (MFA, 2FA, OTP, etc.) We support Google Authenticator and Mobile OTP multi-factor authentication devices.
Third-party tools (such as Skeddly) can use two methods of accessing your AWS account:
IAM Roles are more secure because they are restricted to be used by a single third-party. They are the recommended way to allow third-party tools to access your AWS account:
Skeddly supports the use of IAM Roles.
Some third-party tools give you a "minimum set" of permissions with which they access your AWS account. Some of those "minimum sets" include permissions for everything the tool can do. Some even go so far as to require full access to your AWS account.
But what if you don't want the tool to do everything? For example, what if you don't want the tool to start or stop your EC2 instances? Why give them permission to do that?
Skeddly assumes zero permissions and allows you to "opt-in" by only adding permissions that are needed for the functionality you actually want to do.
So if you don't want Skeddly to start or stop your EC2 instances, you don't need to include those permissions.
Skeddly includes an IAM Policy Document Generator. It is the first of its kind amongst AWS third-party tools.
It will generate a minimum-permission IAM policy document for you based only on the actions you want Skeddly to perform. It is very easy to use. You simply cut and paste the generated policy document from Skeddly into the AWS Management Console.
This gives Skeddly just enough permissions to do what you want it to do, and nothing more.