Identity and Access Management (IAM)

AWS Security and Cost Management Concepts

Dev Bhosale

Principal Data & Cloud Architect

Why IAM?

Why IAM

AWS Security and Cost Management Concepts

Who, what, and where?

AWS IAM is made up of principles, policies, and organizations

AWS Security and Cost Management Concepts

Users vs. Roles

Users have long term credentials. A user group is a collection of users

Roles have short term credentials and can not be grouped. They are assigned to machines

AWS Security and Cost Management Concepts

Policy

Policy on s3 bucket attached to an identity

Policy example. Allowing all actions on a certain s3 bucket

AWS Security and Cost Management Concepts

Identity Center

Identity Center

  • One tool to manage user access
  • Create new account
  • Connect to existing work accounts (e.g. Office 365, Google Apps)
  • Grant access to multiple AWS accounts
AWS Security and Cost Management Concepts

Let's practice!

AWS Security and Cost Management Concepts

Preparing Video For Download...