Class 3 of 40: That is why you must have 40 c.pptx

CarlosGil57586 14 views 13 slides Mar 08, 2025


Slide Content

Course MaxCloud AWS Cloud Practitioner

Class 02: AWS IAM, Amazon EC2, Amazon EBS

AWS IAM. AWS Identity and Access Management (IAM) is a service that helps you securely control access to AWS resources. With IAM, you can centrally manage the permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

IAM users, groups, policies. User: an entity that you create in AWS. It represents the human user or workload that uses the IAM user to interact with AWS. Group: a collection of IAM users. You can specify permissions for a group, and these permissions apply to all users in the group. Policies: you manage access in AWS by creating policies and attaching them to IAM identities (users, groups, or roles). The permissions in the policies determine whether an action is allowed or denied.

AWS access keys. Access keys consist of an access key ID and a secret access key, which are used to sign the programmatic requests that you make to AWS. Example (the placeholder values used in the AWS documentation): Access Key: AKIAIOSFODNN7EXAMPLE, Secret Key: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Multi-factor authentication (MFA). MFA adds extra security because it requires an MFA mechanism in addition to the regular sign-in credentials when users access AWS websites or services. You can enable MFA for the AWS account root user and for IAM users. MFA types: FIDO security key, virtual MFA device, hardware TOTP token. DEMO: https://www.youtube.com/watch?v=7Gy1Ps_vC80

IAM policies. Effect: the effect can be Allow or Deny. Action: the specific API action for which you are granting or denying permission. Resource: the resource that is affected by the action. Condition: conditions are optional; they can be used to control when your policy is in effect. Policy structure:

{
  "Statement": [
    {
      "Effect": "effect",
      "Action": "action",
      "Resource": "arn",
      "Condition": {
        "condition": { "key": "value" }
      }
    }
  ]
}

IAM policies - Conditions. Lets you specify the conditions under which a policy is in effect. Examples:

"Condition": { "{condition-operator}": { "{condition-key}": "{condition-value}" } }
"Condition": { "StringEquals": { "aws:username": "johndoe" } }
"Condition": { "StringLike": { "s3:prefix": ["janedoe/*"] } }
"Condition": { "StringLike": { "s3:prefix": ["${aws:username}/*"] } }
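To show how the Effect/Action/Resource/Condition elements and the condition examples above combine at request time, here is an added worked example (not part of the slides or of any AWS library): a small evaluator for the IAM decision rules the course describes (explicit Deny wins, otherwise an Allow, otherwise implicit deny), run over a constructed policy that uses the slide's ${aws:username} pattern. The bucket name, the user names and the request context values are assumptions made for the example.

```python
import fnmatch
# Constructed example policy using the slide's condition patterns (bucket name is assumed).
POLICY = {
    "Statement": [
        {"Effect": "Allow", "Action": "s3:ListBucket",   # users may list only their own prefix
         "Resource": "arn:aws:s3:::example-bucket",
         "Condition": {"StringLike": {"s3:prefix": ["${aws:username}/*"]}}},
        {"Effect": "Deny", "Action": "s3:*", "Resource": "*",   # one user is denied all of S3
         "Condition": {"StringEquals": {"aws:username": "contractor"}}},
    ]
}

def _as_list(value):
    return value if isinstance(value, list) else [value]
def _expand(value, ctx):
    # Substitute policy variables such as ${aws:username} from the request context.
    for key, ctx_value in ctx.items():
        value = value.replace("${" + key + "}", ctx_value)
    return value

def _condition_ok(condition, ctx):
    # Every operator block and every key must hold; several values for one key are OR-ed.
    for operator, keys in condition.items():
        for key, expected in keys.items():
            actual = ctx.get(key)
            if actual is None:  # key absent from the request: condition cannot match
                return False
            patterns = [_expand(e, ctx) for e in _as_list(expected)]
            if operator == "StringEquals":
                ok = actual in patterns
            elif operator == "StringLike":  # IAM wildcards * and ? map onto fnmatch
                ok = any(fnmatch.fnmatchcase(actual, p) for p in patterns)
            else:
                raise ValueError("unsupported condition operator: " + operator)
            if not ok:
                return False
    return True

def evaluate(policy, action, resource, ctx):
    """Return 'Allow' or 'Deny': explicit Deny beats Allow; no matching statement means Deny."""
    decision = "Deny"
    for stmt in policy["Statement"]:
        if not (any(fnmatch.fnmatchcase(action, a) for a in _as_list(stmt["Action"]))
                and any(fnmatch.fnmatchcase(resource, r) for r in _as_list(stmt["Resource"]))
                and _condition_ok(stmt.get("Condition", {}), ctx)):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"
        decision = "Allow"
    return decision
```

Running evaluate with a user whose s3:prefix starts with their own username yields Allow, any other prefix or a missing prefix key is implicitly denied, and the "contractor" user is denied even though the first statement also matches.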

AWS Policy Generator: https://awspolicygen.s3.amazonaws.com/policygen.html

IAM Roles. An IAM role is an IAM identity that you can create in your account and that has specific permissions. A role is assumable by anyone who needs it, and it does not have standard long-term credentials (a password or access keys) associated with it. Instead, when you assume a role, it provides you with temporary security credentials for your role session. You can use roles to delegate access to users, applications, or services that don't normally have access to your AWS resources.

IAM Identity Center. AWS IAM Identity Center is the recommended AWS service for managing human user access to AWS resources. It is a single place where you can assign your workforce users, also known as workforce identities, consistent access to multiple AWS accounts and applications. With IAM Identity Center, you can create or connect workforce users and centrally manage their access across all their AWS accounts and applications. You can choose one of the following as your identity source: the Identity Center directory (default); Active Directory (an AWS Managed Microsoft AD directory or your self-managed Active Directory (AD) directory); an external identity provider (Okta or Microsoft Entra ID).

Grant least privilege access. It is a best practice to grant only the access that identities require to perform specific actions on specific resources under specific conditions. Use group and identity attributes to set permissions dynamically at scale, rather than defining permissions for individual users.

Thank you very much