Introduction to AWS Identity and Access Management (IAM)

Lab Details

  1. This lab walks you through creating IAM Users and adding them into IAM Groups.

  2. Duration: 30 Minutes

  3. AWS Region: Global


What is IAM?

  • Stands for Identity and Access Management.

  • Web service that helps the user securely control access to AWS resources.

  • Used to control who is authenticated and authorized to use AWS resources.

  • The first "identity" is created when you sign up for an account in the AWS portal. Providing the email and password creates an identity called the "root user", which holds all the permissions to access all resources in AWS.

  • The primary resources in IAM are users, groups, roles, policies, and identity providers.

  • IAM Group is a collection of IAM Users. You use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users.

  • IAM Roles are like IAM Users in that both are identities with permission policies that determine what the identity can access.

  • An IAM Role does not have any long-term credentials, such as a password or access keys, associated with it.

  • IAM Roles are intended to be assumed by anyone who needs them.

  • IAM can be used from the AWS CLI, AWS SDK, and AWS Management Console.

Architecture Diagram

Task Details

  1. Log into AWS Management Console.

  2. Create IAM Users.

  3. Create IAM Groups.

  4. Validate the lab.
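
The validation step can also be checked outside the console. The script below is an added example, not part of the original lab: it reads JSON shaped like the output of `aws iam get-account-authorization-details --filter User Group` and reports users that are in no group, users with policies set directly on them, and groups that are empty or grant nothing. The user names, group names and sample JSON are constructed, and treating permissions set directly on a user as a finding is an assumption based on the lab's use of groups to manage permissions.

```python
import json

# Constructed sample shaped like the output of
# `aws iam get-account-authorization-details --filter User Group`.
SAMPLE = json.loads("""
{"UserDetailList": [
   {"UserName": "lab-user-1", "GroupList": ["Dev-Team"],
    "AttachedManagedPolicies": [], "UserPolicyList": []},
   {"UserName": "lab-user-2", "GroupList": [], "UserPolicyList": [],
    "AttachedManagedPolicies": [{"PolicyName": "AmazonS3ReadOnlyAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"}]}],
 "GroupDetailList": [
   {"GroupName": "Dev-Team", "GroupPolicyList": [],
    "AttachedManagedPolicies": [{"PolicyName": "AmazonEC2ReadOnlyAccess",
      "PolicyArn": "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"}]},
   {"GroupName": "HR-Team", "GroupPolicyList": [], "AttachedManagedPolicies": []}]}
""")


def validate(details):
    """Return sorted (subject, finding) pairs for the user/group setup."""
    findings = []
    members = {g["GroupName"]: [] for g in details.get("GroupDetailList", [])}
    for user in details.get("UserDetailList", []):
        name = user["UserName"]
        groups = user.get("GroupList", [])
        if not groups:
            findings.append((name, "user is not in any group"))
        for group_name in groups:
            members.setdefault(group_name, []).append(name)
        # Managed policies attached to the user plus inline user policies.
        direct = [p["PolicyName"] for p in user.get("AttachedManagedPolicies", [])]
        direct += [p["PolicyName"] for p in user.get("UserPolicyList", [])]
        if direct:
            findings.append(
                (name, "policies set directly on user: " + ", ".join(sorted(direct))))
    for group in details.get("GroupDetailList", []):
        group_name = group["GroupName"]
        if not members[group_name]:
            findings.append((group_name, "group has no members"))
        if not (group.get("AttachedManagedPolicies") or group.get("GroupPolicyList")):
            findings.append((group_name, "group grants no permissions"))
    return sorted(findings)


if __name__ == "__main__":
    for subject, finding in validate(SAMPLE):
        print(f"{subject}: {finding}")
```

To run it against a real account, save the CLI output to a file and pass `json.load(open(path))` to `validate` instead of `SAMPLE`.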