In this video, you will get an introduction to Identity and Access Managment (IAM). You will understand what IAM is used for, and difference between authentication and authorization. You will learn how about IAM users, groups of users, policies, and roles. You will also understand the Principle of Least Privilege, and how IAM policies are evaluated.
- [Voiceover] Understanding identity and access…management is a crucial concept to the secure…administration of your AWS account.…Going forward, I'll refer to identity and access…management simply as IAM.…What is IAM, and what is it used for?…Generally speaking, IAM has two primary functions.…The first function of IAM is to authenticate users.…By validating the combination of a username…and password, the authentication function of IAM…is complete.…For example, let's say you have an online subscription…to The New York Times.…
In order to log into your account, you have to supply…your username and password.…In the context of IAM in AWS, authentication…is the combination of an IAM user…and the user's security credential.…The second function of IAM is the authorization of users.…For example, suppose you have a valid…username and password for The New York Times.…However, due to an account issue, you are not…able to access the articles.…That is, you are not authorized to access content,…despite the fact that you are authenticated successfully.…
Sharif Nijim couples pragmatic advice with practical examples that educate organizations on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts: users, groups, roles, and policies. At the end of the course, he helps you prepare for the inevitable audit of your AWS account(s).
- The AWS shared responsibility model and security landscape
- Enabling CloudTrail
- Configuring AWS Identity and Access Management (IAM)
- Troubleshooting IAM policies
- Granting temporary access
- Incorporating least privilege
- Controlling access to Simple Storage Service (S3)
- Preparing for security audits
- Getting audit help from Trusted Advisor