AWS IAM notes

IAM stands for Identity and Access Management. It is used to control access to AWS resources.

  • IAM is not region-specific, unlike most AWS resources.
  • Users are people who will access your AWS resources.
  • Root account is the email ID with which your account was created.
  • It is advisable not to use the root account.
  • It is recommended to enable MFA for the root account.
  • A group is a way to combine users so that a policy can be applied to all of them at once.
  • A role is a way for one resource to access another resource, for example permission for EC2 to access S3.
  • Policy documents are written in JSON as key-value pairs.
  • Policies can be attached to users, groups and resources.
  • Users have no permissions by default. They will be able to log in but will not be able to do anything.
  • Users are assigned a Secret Key ID and a Secret Access Key. These are for communicating with AWS via the API, CLI and SDK.
  • Users cannot log in to the console using the Secret Key ID and Secret Access Key.
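
The notes above say that policies are JSON documents, that they can be attached to users and groups, and that a user with nothing attached can do nothing. The following is an added example, not code from the original notes or from AWS: a simplified model of how identity policies are evaluated. The bucket name, user names and group name are constructed, and the rule that an explicit Deny overrides any Allow goes beyond what the notes state.

```python
import fnmatch
import json

# Constructed sample policy document, in the JSON shape IAM uses.
S3_READ_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Effect": "Deny", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/secret/*"}
  ]
}""")

# Constructed attachments: alice is in group "readers"; bob has nothing attached.
USER_POLICIES = {}
GROUP_POLICIES = {"readers": [S3_READ_POLICY]}
MEMBERSHIPS = {"alice": ["readers"], "bob": []}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(statement, action, resource):
    # Action names compare case-insensitively, ARNs case-sensitively; "*" is a wildcard.
    action_ok = any(fnmatch.fnmatchcase(action.lower(), a.lower())
                    for a in _as_list(statement["Action"]))
    resource_ok = any(fnmatch.fnmatchcase(resource, r)
                      for r in _as_list(statement["Resource"]))
    return action_ok and resource_ok

def effective_policies(user):
    """Policies attached to the user plus those of every group the user belongs to."""
    attached = list(USER_POLICIES.get(user, []))
    for group in MEMBERSHIPS.get(user, []):
        attached += GROUP_POLICIES.get(group, [])
    return attached

def is_allowed(user, action, resource):
    """Deny by default; any matching Deny wins; otherwise a matching Allow is needed."""
    allowed = False
    for policy in effective_policies(user):
        for statement in _as_list(policy["Statement"]):
            if not _matches(statement, action, resource):
                continue
            if statement["Effect"] == "Deny":
                return False
            allowed = True
    return allowed
```

This model covers identity policies only; real IAM evaluation also takes resource policies, permission boundaries and other policy types into account.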
