AWS identity and access management

Before you starting reading this post, my suggestion would be (provided you have time at hand) to refer to information related to IAM on AWS site. These are my running notes that I was able to capture while working on IAM.

From AWS site – “AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.”
IAM allows to manage access to compute, storage, database and application services in the AWS cloud. IAM uses access control concepts such as users, groups and permissions which get applied to individual API calls. This allows IAM to classify which user can access which specific service, the kind of action s/he can perform and which resources are available.

In order to login I typed in https://us-east-1.signin.aws.amazon.com/ and then clicked on “sign in to console” button on the top right corner. This opened up a new page where I could login via two options:
-using account ID, username and password or
-using root user email

The first time I wanted to create my account, I took the – Sign in using root user email –option.
I could create a new AWS account (new root user email) or sign in to an existing root user email.

I created my user following the steps listed at Getting Started.

Once the first user was created, I noted down the account ID, IAM username and password and logged out of my root login.
My next login was using the IAM user that I created in the previous step.

IAM is an interesting concept and AWS has really good resources around that. I think it is worth the time to understand how IAM manages security for anyone who wants to be proficient in managing resources in AWS.

More information at https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s