If you are granted an IAM login with AdministratorAccess, you have full control over the AWS environment. To keep the infrastructure secure, you must follow these rules:
- Enable Multi-Factor Authentication (MFA) Immediately - Enable MFA using a TOTP app such as Authy, Google Authenticator, or 1Password. This is required. If your MFA device is lost or reset, notify Reliable Penguin immediately.
- Do Not Create Access Keys - This account is for console access only. Do not create access keys. If you need programmatic access, request a separate IAM user or role with limited permissions.
- Do Not Share Your Credentials - Credentials are for your use only. If someone else requires access, they should receive their own IAM user or role.
- Do Not Modify or Delete Security Resources - Do not alter IAM policies or roles you did not create. Do not make changes to GuardDuty, Security Hub, AWS Config, or the root account. Contact Reliable Penguin for changes to security settings.
- Use This Account Only When Required - Use this account only when administrator-level access is needed. For daily development work, request a lower-privilege IAM identity.
- Log Out When Done and Avoid Public Machines - Always log out of your session when finished. Do not use this account from public or shared computers.
- All Actions Are Logged - All activity is recorded using AWS CloudTrail and may be audited.
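The MFA and no-access-keys rules above can be verified rather than just stated. The following is an added example (not part of these rules or of Reliable Penguin's tooling) that audits an IAM credential report for administrator users who log in to the console without MFA or who hold an active access key. The report text here is a constructed sample using a subset of the real credential report's column names, and the set of administrator user names is an assumption for the example.

```python
import csv
import io

# Constructed sample in the column layout of an IAM credential report.
# Only a subset of the real report's columns is included; all values are made up.
SAMPLE_REPORT = """user,arn,password_enabled,mfa_active,access_key_1_active,access_key_2_active
alice,arn:aws:iam::123456789012:user/alice,true,true,false,false
bob,arn:aws:iam::123456789012:user/bob,true,false,false,false
carol,arn:aws:iam::123456789012:user/carol,true,true,true,false
"""

# Assumed for this example: the console-only administrator users covered by the rules.
ADMIN_USERS = {"alice", "bob", "carol"}


def audit_admin_users(report_csv, admin_users):
    """Return (user, issue) pairs for admin users violating the MFA or access-key rules.

    report_csv  - credential report text (CSV with a header row)
    admin_users - set of IAM user names that hold AdministratorAccess
    """
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] not in admin_users:
            continue
        # Rule: MFA must be enabled on every console login.
        if row["password_enabled"] == "true" and row["mfa_active"] != "true":
            findings.append((row["user"], "console login without MFA"))
        # Rule: console-only accounts must not carry access keys.
        if row["access_key_1_active"] == "true" or row["access_key_2_active"] == "true":
            findings.append((row["user"], "active access key on console-only account"))
    return findings


if __name__ == "__main__":
    for user, issue in audit_admin_users(SAMPLE_REPORT, ADMIN_USERS):
        print(f"{user}: {issue}")
```

Against a real account, the report text comes from `aws iam generate-credential-report` followed by `aws iam get-credential-report` (the report body is base64-encoded CSV), and the administrator set from listing the users and groups attached to the AdministratorAccess policy; the audit logic itself does not change.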