Grasp the principles of Identity and Access Management (IAM) on Amazon Web Services. Learn how to set up access policies that let users access different services and perform actions. Follow the tutorials to start working with IAM.
Context
In cloud computing, we combine multiple services to deliver a piece of functionality. Within a cloud computing platform such as AWS, every action is performed as a principal (user, role, application, ...). By default, cloud platforms enforce a zero trust policy model on principals: a principal is not allowed to perform any action on any service until a policy explicitly allows it.
AWS Identity and Access Management (IAM) is a web service that helps to securely control access to AWS resources. With IAM, we can centrally manage permissions that control which AWS resources users can access. We use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.
What is IAM? - AWS Identity and Access Management
The general overview provides definitions for terms used in IAM. Principals are users, roles, or applications that must authenticate. Policies are used to grant principals the authority to perform actions on resources.
With the IAM policy simulator, you can test and troubleshoot identity-based policies and IAM permissions boundaries.