Interact directly with Simple Storage Service (S3) from an Elastic Compute Cloud (EC2) instance, without embedding an access key on the instance. As the instance has an IAM policy assigned to it, this video illustrates the various permissions as defined by the policy.
- [Narrator] Now let's take that one step further.…We have a couple of policies that are applied…both to an IAM group and to an IAM role.…We also have an EC2 instance launched with that IAM role.…Let's fire-up a terminal session on that EC2 instance…and try to access S3.…Here I am at the EC2 dashboard with…the s3TestBox2 instance selected.…I want to establish a connection to it,…so I click the Connect button.…The screen displays instructions on how to connect…to the instance using SSH.…
PuTTY is a common SSH client for Microsoft Windows.…Since I'm on a Mac, I can access SSH directly,…so I'm going to highlight the example SSH connect text…and save it into my clipboard.…Now let's slide over to a terminal on my Mac.…First, let me verify that I have the…sbn.west.pem private key file in my directory.…I can do that by typing the ls command.…Great, there it is.…Now I will paste the SSH connect text into the Mac terminal…to establish the connection.…
Okay, here I am with a terminal connection…on that EC2 instance.…It is a machine running Amazon Linux,…
Sharif Nijim couples pragmatic advice with practical examples that educate IT pros on how to create a secure infrastructure within Amazon Web Services. Sharif explores the shared responsibility model of security, which splits duties between your company and AWS, and introduces key identity and access management concepts, including users, groups, roles, and policies. Learn how to configure Identity and Access Manager (IAM) and Simple Storage Service (S3) access management, including policies and access control lists. At the end of the course, Sharif helps you prepare for the inevitable audit of your AWS account(s).
This course is also part of a series designed to help you prepare for the AWS Certified SysOps Administrator – Associate certification exam.
- Summarize the AWS Shared Responsibility Model.
- Recall how to implement separation of duties.
- Differentiate between assigning permissions to an individual versus a group.
- Summarize how to create IAM roles.
- Describe how to secure financial access.
- Recall the steps for managing access to S3 with IAM.
- Cite the advantages of a pre-signed URL.