In this video, you will gain an understanding of the various methods you can employ to create Identity and Access Management (IAM) users. Users can be created from the AWS Command Line Interface (CLI), an IAM HTTP API, Tools for Windows PowerShell, and via the AWS Web Console. You will learn exactly where to configure IAM users in the AWS Web Console, under the IAM Dashboard. You will appreciate why automation is a best practice, and you will understand that in order to enable Multifactor Authentication, the person corresponding to the IAM user will need to be present.
- View Offline
- [Voiceover] In order for your organization…to operate securely and effectively in AWS,…it is important to configure each person…as an independent IAM user.…While it is possible to federate AWS with an…external identity provider like Active Directory,…I am going to focus on a configuration…where master user identity data…is managed within AWS IAM.…Most AWS services can be configured in a number of ways.…When creating IAM users,…I can automate the creation with a script…using the Command Line Interface,…or CLI,…from a Linux system,…I can automate with a web service…that can call the IAM HTTP API,…I can use a script using the tools…for Windows PowerShell from a Windows system,…or I can configure manually using the web console.…
While automation is the best practice,…I am going to use the web console…to help illustrate the user creation steps.…A typical engineering group is composed of many people.…In this example, Luca and Catherine are Linux specialists.…Milind and Tracy,…in addition to having Linux expertise,…are also network administrators.…
Sharif Nijim couples pragmatic advice with practical examples that educate organizations on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts: users, groups, roles, and policies. At the end of the course, he helps you prepare for the inevitable audit of your AWS account(s).
This course includes trademarks owned by Amazon Web Services. This course has not been prepared, approved, or endorsed by Amazon Web Services.
- The AWS shared responsibility model and security landscape
- Enabling CloudTrail
- Configuring AWS Identity and Access Management (IAM)
- Troubleshooting IAM policies
- Granting temporary access
- Incorporating least privilege
- Controlling access to Simple Storage Service (S3)
- Preparing for security audits
- Getting audit help from Trusted Advisor