AWS Identity and Access Management (IAM), in the name itself we can understand that check the identity and provide access to the application. IAM enables you to security control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups and use roles and policies to allow and deny their access to AWS resources.
Here, we are creating users, roles and their access to manage the application policies and security credentials we can create and manage the users and roles using this IAM service.
Exploring Users and Groups:
In this IAM, by default, it creates users and groups like “user one, user two and user three”, in this qwiklabs we are login as “awsstudent” to AWS management console like this we can create and provide access to the management console. The full name of the users resembles like below format.
“arn:aws:iam::055797267940:user/spl66/qlstack2-labinstance-236349-3fc76b0b-c31-userthree-9XNFSND4D800”
Like default users, IAM has default three groups.
To access an application we need a user and this user needs some limitations and policies. To create those limitations and policies first we need to add the user to an existing group using “Add users to Group” button located at bottom of the group details.
After that to define policy we have two options like First we need to create a policy using “Policies” option directly and add to the groups or directly open desired Group, using policies options add existing or create a new policy over there only.
Once review the policy and apply the policy to the group, so that this policy can effect to the attached groups and added users to that groups. Like this, we can provide the access and policy to multiple users using groups.
We can manage user passwords and other settings by using “Account Settings” option.
This is about “Introduction of AWS Identity & Access Management (IAM)”.
Thanks,
Yash.
yashnetworks 