Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Scribd
Upload
24 views

AWS - IAM Users

AWS - IAM Users

Uploaded by

Kola Siri
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
24 views

AWS - IAM Users

AWS - IAM Users

Uploaded by

Kola Siri
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Amazon Web Services

Identity & Access Management


AWS Identity and Access Management (IAM) enables
you to manage access to AWS services and resources
securely. Using IAM, you can create and manage AWS
users and groups, and use permissions to allow and

ri
deny their access to AWS resources. IAM can also keep
our account credentials private.
ad
When we first create an AWS account, it has complete
access to all AWS services. This identity is called the
AWS account root user
sh
Se

Dr.U.Seshadri - 9441319889 1
IAM Features:
Shared access to the AWS account: The main feature
of IAM is that it allows you to create separate
usernames and passwords for individual users or
resources and delegate access. • Multifactor
authentication (MFA): IAM supports MFA, in which
users provide their username and password plus a

ri
one-time password from their phone a randomly
generated number used as an additional authentication
ad
factor.
Identity Federation: If the user is already
authenticated, such as through a Facebook or Google
sh
account, IAM can be made to trust that authentication
method and then allow access based on it.
Free to use: There is no additional charge for IAM
Se

security. There is no additional charge for creating


additional users, groups or policies.
Password policy: The IAM password policy allows you
to reset a password or rotate passwords remotely.
Granular permissions: Each user can be granted with
different set granular permissions as required to perform
their job

Dr.U.Seshadri - 9441319889 2
IAM Important Terms:

ri
ad
sh

Types of Accounts:
Se

1. Root User
2. IAM User
Root User:
● Root Account Credentials are the email address
and password with which we sign in into the AWS
account.

Dr.U.Seshadri - 9441319889 3
● Root Credentials has full unrestricted access to
AWS account including the account security
credentials which include sensitive information.
● An Administrator account can be created for all the
activities which too has full access to the AWS
account except the accounts security credentials,
billing information and ability to change password.

ri
IAM User:
● IAM user represents the person or service who
ad
uses the access to interact with AWS.
● IAM user starts with no permissions and is not
authorized to perform any AWS actions on any
sh
AWS resources and should be granted permissions
as per the job function requirement.
● Each IAM user is associated with one and only one
Se

AWS account.
● IAM User cannot be renamed from AWS
management console and has to be done from CLI
or SDK tools.
Steps for Creating IAM Users:
● Create Two IAM users

Dr.U.Seshadri - 9441319889 4
● One user will access only EC2 Machines & Second
user will access only S3 Buckets.
● Go to IAM
● Click on Users
● Click on Add Users
● Enter the user name
● Select AWS Access Type.

ri
● We can connect our AWS account with 2 ways
1. Console Access (Graphical Access)
ad 2. Command Line Interface (CLI)
● Select custom password & enter the password
● Uncheck require password reset
sh
● Click on Next: Permissions
● Click on Attach existing policies directly
● Search the EC2 full Access policy
Se

● Select the policy


● Click on Next: Tags
● Click on Next: Review
● Click on Create user
● Create Another User Given S3 Full Access
● Note down the console ID of your root user
● Go to the AWS URL

Dr.U.Seshadri - 9441319889 5
● Select IAM User
● Enter the Account ID (Console ID)
● Click on Next
● Enter IAM user name & password
● Click on Sign In
● Change the Password

ri
ad
sh
Se

Dr.U.Seshadri - 9441319889 6

You might also like