Learn about the various methods you can employ to create Identity and Access Management (IAM) users. Users can be created from the AWS Command Line Interface (CLI), an IAM HTTP API, tools for Windows PowerShell, and via the AWS web console. Learn exactly where to configure IAM users in the AWS web console, under the IAM Dashboard. Learn why automation is a best practice, and that in order to enable Multifactor Authentication, the person corresponding to the IAM user will need to be present.
- [Instructor] In order for your organization…to operate securely and effectively in AWS,…it is important to configure each person…as an independent IAM user.…While it is possible to federate AWS…with an external identity provider like Active Directory,…I am going to focus on a configuration…where master user identity data…is managed within AWS IAM.…Most AWS services can be configured in a number of ways.…When creating IAM users I can automate the creation…with a script using the Command Line Interface, or CLI,…from a Linux system.…
I can automate with a Web service…that can call the IAM HTTP API.…I can use a script using the Tools for Windows PowerShell…from a Windows system.…Or I can configure manually using the Web Console.…While automation is a best practice,…I am going to use the Web Console…to illustrate the user creation steps.…A typical engineering group is composed of many people.…In this example, Luca and Catherine are Linux specialists.…Melinda and Tracy, in addition to having Linux expertise,…are also network administrators.…
Sharif Nijim couples pragmatic advice with practical examples that educate IT pros on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts, including users, groups, roles, and policies. Learn how to configure Identity and Access Manager (IAM) and Simple Storage Service (S3) access management, including policies and access control lists. At the end of the course, Sharif helps you prepare for the inevitable audit of your AWS account(s).
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
- The AWS shared responsibility model and security landscape
- Enabling CloudTrail
- Configuring AWS Identity and Access Management (IAM)
- Configuring IAM users, groups, and policies
- Granting temporary access
- Controlling access to Simple Storage Service (S3)
- Preparing for security audits
- Getting audit help from Trusted Advisor