In this video, learn how to create IAM roles and policies.
- [Instructor] If you noticed…when we created our user account,…we gave it full access permissions.…Unless you're the owner of your AWS account,…you'll rarely see this in the real world.…This means you need to be familiar…with the creation and management of IAM policies,…which can be used to provide a more restrictive…and Java specific set of permissions.…Let's look at a policy right now.…Here in AWS Console,…we'll click on Policies under IAM,…we'll type S3,…and this is the AWS S3 full access policy.…
It has three main elements,…effect, which can be allow or deny,…the action, in this case the S3 service,…and the resource,…in this case it could be a specific bucket within S3.…Let's click on Roles now.…We'll click on Create Role.…When defining a role,…you'll be asked to first create a trust policy.…Essentially, this is just asking who can assume this role…and the answer to that is users from other accounts,…federated users, web identity users,…and in our case AWS Services.…
Let's now associate the policy we just saw with this role.…
Author
Carlos Rivas
Released
12/12/2018- Identity and Access Management security
- S3 security policies, encryption, and version control
- KMS encryption
- User authentication with Cognito
Skill Level Advanced
Duration
Views
-
Introduction
-
1. IAM Security
-
Important concepts3m 3s
-
Users and access keys3m 22s
-
Roles and policies3m 29s
-
IAM key points1m 21s
-
-
2. S3 Storage
-
S3 as a static website2m 17s
-
Bucket policies2m 24s
-
S3 bucket encryption1m 34s
-
S3 key points1m 23s
-
-
3. KMS Encryption
-
Using AWS KMS3m 44s
-
KMS key points1m 13s
-
4. User Identities with Cognito and Web Federation
-
Cognito concepts2m 8s
-
Workflow2m 58s
-
Cognito demo8m 36s
-
Cognito key points1m 24s
-
-
Conclusion
-
Next steps2m 9s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Roles and policies