Presentation slides- What is IAM.pdf IAM
hamzatariqkwl
11 views
12 slides
Sep 02, 2024
Slide 1 of 12
1
2
3
4
5
6
7
8
9
10
11
12
About This Presentation
AWS IAM
Slide Content
What is AWS IAM
IAM is Identity Access Management.
-Authentication
-Authorisation
IAM is Identity Access Management.
-Authentication
-Authorisation
Agenda
-User, Policy,Role, Groups
-Authentication methods
-Policy (managed or custom)
-Permission policy
-Identity Policy, Resource base policy
-Trust policy
-SCP, Permission boundaries
-Cross account access
-Access control using
-RBAC ( Role-based access control)
-ABAC (Attribute-based access control)
-User, Policy,Role, Groups
-Authentication methods
-Policy (managed or custom)
-Permission policy
-Identity Policy, Resource base policy
-Trust policy
-SCP, Permission boundaries
-Cross account access
-Access control using
-RBAC ( Role-based access control)
-ABAC (Attribute-based access control)
How IAM Works
User, Policy, Role, Groups
-User is an account for a user
-No permission in default
-5000 user accounts are allowed per an account
-Policy
-Permission policy
-Identity-based policies apply to the principles
-Resource-based policies apply to resources like S3
-Trust policy
-Demo
-User is an account for a user
-No permission in default
-5000 user accounts are allowed per an account
-Policy
-Permission policy
-Identity-based policies apply to the principles
-Resource-based policies apply to resources like S3
-Trust policy
-Demo
Authentication methods
-Username/password
-Access key/ Secret
-Signing certificate
-Amazon EC2
-SSH key/HTTPS GIT credentials
-AWS CodeCommit/AWS CodePipeline
-Username/password
-Access key/ Secret
-Signing certificate
-Amazon EC2
-SSH key/HTTPS GIT credentials
-AWS CodeCommit/AWS CodePipeline
STS (Secure Token Service)
-Responsible for creating short-lived token
-EC2 instance access S3 bucket
-Trust policy is used here
-Responsible for creating short-lived token
-EC2 instance access S3 bucket
-Trust policy is used here
STS
-
-
SCP (Service control policy)
-SCP can be used to control access in AWS
account level
-https://docs.aws.amazon.com/organizations/latest
/userguide/orgs_manage_policies_scps.html
-SCP can be used to control access in AWS
account level
-https://docs.aws.amazon.com/organizations/latest
/userguide/orgs_manage_policies_scps.html
Permission boundaries
-Avoid privilege escalation
-If a user has permission boundary, this user
cannot create another user without adding
permission boundary
-The user cannot create another user with more
privilege than what he/she currently has
-Avoid privilege escalation
-If a user has permission boundary, this user
cannot create another user without adding
permission boundary
-The user cannot create another user with more
privilege than what he/she currently has
Permission boundaries
Cross account access
-Accessing a resource from another AWS account
-Accessing a resource from another AWS account
RBAC, ABAC
-https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_a
ttribute-based-access-control.html
-Demo
-https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_a
ttribute-based-access-control.html
-Demo
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 11
- Slides 12
- Age 455 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views