Iam basic_
#aws #iam
IAM is global service for identity and access management
Terminologies
- Root account: by default, highest permissions
- Users: can belong to many groups
- Group: Contain users, not other groups
- IAM Policy: JSON Document define permissions that allows/denies to some resource. Statements: (Sid, Effect, Principal, Action, Resource, Condition)
Features
- MFA
- Access Key
- CLI/SDK supported
- Password policy for created users.
Other tools
- IAM Security tools
- IAM Credential Report (account level): Report for all users in your account.
- IAM Access Advisor (user level): Check user permissions for user