Security best practices for Amazon Pinpoint

Use AWS Identity and Access Management (IAM) accounts to control access to Amazon Pinpoint API operations, especially operations that create, modify, or delete Amazon Pinpoint resources. For the Amazon Pinpoint API, such resources include projects, campaigns and journeys. For the Amazon Pinpoint SMS and Voice API, such resources include phone numbers, pools and configuration sets.

Create an individual user for each person who manages Amazon Pinpoint resources, including yourself. Don't use AWS root credentials to manage Amazon Pinpoint resources.
Grant each user the minimum set of permissions required to perform his or her duties.
Use IAM groups to effectively manage permissions for multiple users.
Rotate your IAM credentials regularly.

For more information about Amazon Pinpoint security, see Security in Amazon Pinpoint. For more information about IAM, see AWS Identity and Access Management. For information on IAM best practices, see IAM best practices.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Configuration and vulnerability analysis

Quotas