Rohan Roy

Identity & Access Management

Updated: Jul 13, 2023

Identity and Access Management (IAM) in AWS allows us to create:

1. users

2. groups

3. roles

Users are physical users, who log in to the AWS console and manage or work with different AWS services.

Groups are collections of users. Access for all the users of a group can be controlled through the group policy.

Roles are assigned to AWS resources or services to give them permissions to interact with other AWS services.


IAM is global rather than regional. In other words, all changes made within IAM are reflected in all available regions. So, whenever a user is created, it is created globally and is available in all regions.


The "root account" has admin rights.


Groups can only have users, not other groups.

Users don't have to belong to a group. A user can belong to multiple groups.
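
The group rules above, worked through as an added example (not code from the original post): it resolves which managed policies each user ends up with through group membership, using a constructed snapshot in the shape of `aws iam get-account-authorization-details` output. The user names, group names and policy assignments are made up for illustration, and inline policies are ignored.

```python
import json

# Constructed sample, trimmed to the fields used here. Real output of
# `aws iam get-account-authorization-details` carries more fields per entry.
SNAPSHOT = json.loads("""
{
  "UserDetailList": [
    {"UserName": "alice", "GroupList": ["developers", "auditors"], "AttachedManagedPolicies": []},
    {"UserName": "bob", "GroupList": ["developers"], "AttachedManagedPolicies": []},
    {"UserName": "carol", "GroupList": [],
     "AttachedManagedPolicies": [{"PolicyName": "AmazonS3FullAccess"}]}
  ],
  "GroupDetailList": [
    {"GroupName": "developers", "AttachedManagedPolicies": [{"PolicyName": "AmazonEC2FullAccess"}]},
    {"GroupName": "auditors", "AttachedManagedPolicies": [{"PolicyName": "ReadOnlyAccess"}]}
  ]
}
""")


def effective_policies(snapshot):
    """Map each user to {policy name: [where it came from]}."""
    group_policies = {
        g["GroupName"]: [p["PolicyName"] for p in g.get("AttachedManagedPolicies", [])]
        for g in snapshot.get("GroupDetailList", [])
    }
    result = {}
    for user in snapshot.get("UserDetailList", []):
        sources = {}
        for p in user.get("AttachedManagedPolicies", []):
            sources.setdefault(p["PolicyName"], []).append("direct")
        # A user can be in several groups; groups are flat, so one lookup suffices.
        for group in user.get("GroupList", []):
            for name in group_policies.get(group, []):
                sources.setdefault(name, []).append("group:" + group)
        result[user["UserName"]] = sources
    return result


def users_outside_group_control(snapshot):
    """Users in no group, whose access no group policy can control."""
    return sorted(u["UserName"] for u in snapshot.get("UserDetailList", [])
                  if not u.get("GroupList"))


if __name__ == "__main__":
    for user, sources in effective_policies(SNAPSHOT).items():
        print(user, sources)
    print("not in any group:", users_outside_group_control(SNAPSHOT))
```
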


Access: AWS can be accessed in the following ways:

Console: using password + MFA

CLI: using an access key

SDK: from code, using an access key
