Scribd
Upload
73 views2 pages

IAM 101 Summary Subtitles

This lecture provides a summary of Identity and Access Management (IAM) 101. IAM consists of users, groups, roles, policies, and resources that define permissions. The lecture demonstrates how to create users and groups, assign policies to grant permissions to resources, and create roles for services to access other services. It also covers best practices for the root account, enabling multi-factor authentication, and creating password rotation policies.

Uploaded by

Amit Jain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
73 views2 pages

IAM 101 Summary Subtitles

This lecture provides a summary of Identity and Access Management (IAM) 101. IAM consists of users, groups, roles, policies, and resources that define permissions. The lecture demonstrates how to create users and groups, assign policies to grant permissions to resources, and create roles for services to access other services. It also covers best practices for the root account, enabling multi-factor authentication, and creating password rotation policies.

Uploaded by

Amit Jain
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 2

Hello Cloud Gurus

and welcome to this lecture.


And this lecture is going to be a summary
of Identity Access Management 101.
So we're gonna cover off everything that we've learned
and also are gonna be telling some of the exam tips
that we have for this section as well.
So let's get started.
So what have we learned so far?
Identity Access Management consists of users,
groups, roles, policy documents and if you remember the lab
we created a couple of users.
We also created a couple of groups
and we used those groups to apply
permissions policies to those users.
And we also applied policies directly to the users.
And we have an example of a policy document here
written in JSON.
And the document is written as a series of key-value pairs.
So under the Version, we then have the Statement.
The Effect is Allow and the Action is to allow all actions
across all resources.
So this policy document would give full access
to everything within AWS.
And then finally, in our lab we also created a role
and we created a role which can be used by an EC2 instance
to allow access to read and write files within S3.
Since the access management is universal
it doesn't apply to regions at this time.
So what does that mean?
It just means that Identity Access Management is global
and anything you set up within IAM can be viewed
and utilized by any region.
The root account is simply the account you created
when you first set up your AWS account.
So that's the email address that you used
when you first registered your account with AWS
and it has complete admin access
so of course for day to day activities
we shouldn't be using the root account.
Instead, we should be creating
Identity Access Management users
and making sure those users have the permissions
and privileges they need to do their jobs.
New users have no permissions at all
when they're first created,
so we need to explicitly add the permissions
they need to do their role.
For example, in the lab we added permissions for S3
and Glacier for our HR user to enable them
to access those AWS services.
New users are assigned the Access Key ID
and Secret Access Key when they're very first created.
And these are not the same as a username and password.
You can't use the Access Key and Secret Access Key
to login to the AWS console
but you can use it to access AWS via the API
and command line interface from your local desktop.
And you only get to view and download
the file containing your Access Key
and Secret Access Key one time
when you initially create them.
And after that, you can still view the Access Key
but you cannot view the Secret Access Key again,
so if you lose your Secret Access Key,
you are going to need to regenerate new keys.
So do make sure that you save your Secret Access Key
in a safe location.
Always set up Multifactor Authentication or MFA
on your root account
and that's another thing that we did in the lab.
And finally, you can create and customize
your own password rotation policies.
So that's the end of this section.
Well done for completing this section.
If you have questions, please let me know.
Otherwise, please join us in the next lecture.
Thank you.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy