AWS | Yubico
Increased security posture with hardware security keys
for your organization and your users
Read the solution briefPhishing-resistant, hardware-based authentication for your AWS environments
Enterprise solutions
YubiKeys provide a bridge from legacy to modern authentication options.
Compliance & privileged users
YubiKeys address strong authentication and compliance requirements.
Consumer solutions
Microsoft users strengthen authentication with YubiKeys—from simple to complex scenarios.
Executive Order compliance
Government agencies can deploy federally validated, hardware-backed MFA across multiple applications and operating systems.
Supply Chain Integrity
YubiKeys and YubiHSM code signing helps secure the software supply chain.
Learn more>
Stop account takeovers and go passwordless for a wide variety of AWS use cases
AWS root users
Use a YubiKey to protect privileged access to AWS services and resources.
AWS IAM Roles Anywhere
Leverage the YubiKey to store cryptographic keys to support IAM roles to be used outside AWS.
Amazon Cognito
Create enterprise and consumer apps that leverage built-in support for phishing-resistant MFA and the YubiKey.
AWS IAM
Use a single YubiKey to access multiple IAM and root users across multiple AWS accounts.
AWS IAM and root users can use their YubiKey as a multi-factor authentication (MFA) device to add an extra layer of protection on top of their username and password.
AWS SSO
Secure user access to AWS accounts and applications using the YubiKey.
AWS SSO supports using WebAuthn to enable strongly attestable and phishing-resistant security across supported browsers using interoperable FIDO authenticators like the YubiKey.
AWS GovCloud
Leverage the YubiKey 5 Series and YubiKey FIPS series for the highest level of security to AWS GovCloud.
AWS GovCloud provides cloud services across all classification levels to US Federal, Department of Defense, State and Local Governments. AWS IAM now supports FIDO2 security keys in AWS GovCloud, allowing the use of the FIPS-validated YubiKey to provide the highest level of security and compliance. IAM policies can enforce enrollment with FIPS-certified devices.
YubiKey options for your AWS environment
The YubiKey, a multi-protocol phishing-resistant security key, secures legacy on-premises and modern cloud environments and can easily get you on the bridge to passwordless authentication when you’re ready.
The Security Key Series, YubiKey 5 Series, YubiKey 5 FIPS Series, and YubiKey Bio Series all provide the highest level of security for your AWS environments. AWS supports the full range of Yubico authenticators, so organizations can pick the device that provides the best features and value for usage in addition to AWS.
The YubiHSM keys secures organizations secrets in the cloud for workload identities and development.The YubiHSM 2 is available as a FIPS 140-2 validated, Level 3 solution, or as a non-FIPS solution, and both ensure uncompromised cryptographic hardware security for applications, servers and computing devices at a fraction of the cost and size of traditional HSMs.
Take our quiz to find out which YubiKeys are the best fit for you or your organizationFIPS certified YubiKeys can be used to build FedRAMP solutions on AWS
Yubico is an AWS Public Sector Partner and member of Authority to Operate on AWS.
Case studies
Case study
Smartsheet in partnership with Anitian and Yubico (both ATO partners) implemented YubiKeys to comply with FedRamp requirements.
Case study
Adding MFA for your AWS IAM and root users is an AWS IAM best practice. See how Avance Care implemented YubiKeys in their deployment.
Additional Resources
Yubico protects the world’s leading brands
Get started
Find the right YubiKey
Contact our sales team for a personalized assessment of your company’s needs.
