Learn how to manage access to Simple Storage Service (S3) through the use of Identity and Access Managment (IAM) policies. These IAM policies have a remarkable degree of granularity, and can be assigned to users, groups, roles, and through the use of roles, EC2 instances.
- [Narrator] Access to S3 can be managed…in a number of different ways.…Using Identity and Access Management Policies…to control access to S3 is a great idea.…This fits nicely with the best practice of using IAM…to control access to AWS resources, in general.…IAM policies are a great tool to managing S3 as…they allow for almost any level of granularity imaginable.…Suppose the CEO of your company wants to store…confidential documents in S3?…You can lock down access to a specific S3 bucket…using an IAM policy.…
So only the CEO would be able to access the…contents of the bucket.…Similarly, if the CEO wanted an S3 bucket to share…documents with her leadership team, it is possible…to apply an IAM policy to the leadership team's group.…More interesting the the ability to apply access…policies to IAM roles.…Not only can a role be assigned to users and groups,…policies can also be assigned to roles.…This is a powerful concept.…By assigning a policy to a role,…that means a server within AWS can be launched…with that role.…
Sharif Nijim couples pragmatic advice with practical examples that educate IT pros on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts, including users, groups, roles, and policies. Learn how to configure Identity and Access Manager (IAM) and Simple Storage Service (S3) access management, including policies and access control lists. At the end of the course, Sharif helps you prepare for the inevitable audit of your AWS account(s).
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
- Summarize the AWS Shared Responsibility Model.
- Recall how to implement separation of duties.
- Differentiate between assigning permissions to an individual versus a group.
- Summarize how to create IAM roles.
- Describe how to secure financial access.
- Recall the steps for managing access to S3 with IAM.
- Cite the advantages of a pre-signed URL.