Identity Access Management (IAM)

Identity Access Management

Global - no need to specify a region
Once created, this is applicable GLOBALLY.

3 ways to access AWS Console

Console
Programmatically (was-cli)
SDK

Root Account

Email address used to setup the AWS account
Has full administrator access
Secure with Multi-Factor Authentication
Create users for each individual for your organisation

Group

Store your users
Could apply policy to a group
Members of that group get the same access

IAM Best Practices

Root Account

Do not use for login
Create a “working account”

MFA

Always enable

Users

One user = One real human being

User/Groups/Policies

Always place users in groups.
Apply policies to groups.

Password Policies

Have a strong password rotation policy

Access Keys

Use access keys for programmatic access

Roles

Use roles to access other AWS services.

IAM Credential Report

Use IAM credential reports to audit the permissions of your users/accounts.

19

Tags:

Aws Cloudpractitioner

Related Posts

How I passed the AWS Certified Cloud Practitioner Exam?

How to schedule ECS Services in AWS easily

Scaling AWS EC2 Instances

How I created a google forms clone using AWS

Appropriate instance type depending on your workflow in AWS

Working with parameters and variables in Amazon Managed Workflows for Apache Airflow

Visualize Your Hardware Topology Using hwloc

Hashicorp Terraform Associate Certification Study Course. Pass the Exam in 2 hours!