SAGARFIVE

SAGAR5

1. Basics of AWS & Infrastructure

2. AWS IAM - User Administration

3. AWS EC2 - Elastic Compute Cloud

 IAM Features

Sagar

Sagar

  1. Free to use : AWS Identity and Access Management (IAM) features of your AWS account offered at no additional charge. you are charged only when you access other AWS services.
  2. Shared access to your AWS account : You can grant other people permission to administer and use resources in your AWS account without having to share your password or access key.

Example : IAM User with Administrator access policy

  1. Granular permissions : You can grant different permissions to different people for different resources.

Example : you might allow some users complete access to Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3), Amazon DynamoDB,

  1. Centralized control of your AWS account: You can control Create, Modify and cancellation of each user’s security credentials at IAM Dashboard.
  2. Secure access to AWS resources for applications that run on Amazon EC2 :  IAM features to securely provide credentials for applications that run on EC2 instances. These credentials provide permissions for your application to access other AWS resources.
  3. Multi-factor authentication (MFA) : You can add two-factor authentication to your account and to individual users for extra security.

Example : Virtual Authenticator app (Google Authenticator, Microsoft Authenticator), Security Key (YubiKey or other supported FIDO security key),

Hardware TOTP token(Time-based one-time password)

  1. PCI DSS Compliance : PCI DSS (Payment Card Industry Data Security Standard) is a compliance framework. If you are taking credit card information, then you need to pay for compliance with the framework.
  2. Integrated with many AWS services : Giving special/particular access for AWS Services using IAM. [2]
  3. Identity information for assurance : Logs each and every action made using user accounts using the services Cloud Trail
  4. Identity federation : You can allow users who already have passwords elsewhere—for example, in your corporate network or with an internet identity provider—to get temporary access to your AWS account.

For Official Documentation [1]

Read More :

[1] https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html?icmpid=docs_iam_help_panel

[2] https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html

Share

Facebook
LinkedIn
WhatsApp
Pinterest
Telegram
Email

Share