AWS IAM: Difference between revisions

From Cramsession
Jump to navigationJump to search
✍️ Verified Author: MflavellClick to view professional profile & credentials
No edit summary
Line 35: Line 35:
* Use conditions to restrict access.
* Use conditions to restrict access.
* Set permission guardrails.
* Set permission guardrails.
* Use permission boundaries.

Revision as of 22:41, 9 June 2025

Study Guides > AWS Cybersecurity Notes > AWS IAM

IAM Introduction

  • Polices rule books
  • These define what actions are allowed and denied on resources.


IAM Supports MFA and Federation.


Common terms:

  • Resources - Something inside the AWS account.
  • Enteritis - Can be an IAM user or federated user.
  • Identities - Used to identify who id doing something. These are users, groups and roles.


IAM Authentication Methods

  • Username and Password
  • Access Key and secret key
  • Session token


Best Practices

  • Humans should access AWS using an IDP - provides access with temporary credentials.
  • Workloads use temporary credentials
  • Require MFA
  • Don't use root credentials for everyday tasks.
  • Apply least privilege.
  • Use AWS managed polices when possible.
  • Use AWS access manager to generate least privilege polices
  • Perform a regular review of IAM.
  • Use conditions to restrict access.
  • Set permission guardrails.
  • Use permission boundaries.
Retrieved from "https://cramsession.net/index.php?title=AWS_IAM&oldid=1143"