AWS IAM: Difference between revisions

From Cramsession
✍️ Verified Author: Mflavell

Revision as of 22:41, 9 June 2025

Study Guides > AWS Cybersecurity Notes > AWS IAM

IAM Introduction

  • Policies: rule books
  • These define what actions are allowed and denied on resources.


IAM Supports MFA and Federation.


Common terms:

  • Resources - Something inside the AWS account.
  • Entities - Can be an IAM user or federated user.
  • Identities - Used to identify who is doing something. These are users, groups and roles.


IAM Authentication Methods

  • Username and Password
  • Access Key and secret key
  • Session token


Best Practices

  • Humans should access AWS using an IdP, which provides access with temporary credentials.
  • Workloads should use temporary credentials.
  • Require MFA
  • Don't use root credentials for everyday tasks.
  • Apply least privilege.
  • Use AWS managed policies when possible.
  • Use AWS access manager to generate least-privilege policies.
  • Perform a regular review of IAM.
  • Use conditions to restrict access.
  • Set permission guardrails.
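
To make the allow/deny, conditions and MFA points concrete, here is an added example (not part of the original notes): a simplified Python model of how the statements in an identity policy are evaluated. The policy and bucket name are constructed, and the model covers only Action, Resource and the Bool/BoolIfExists condition operators, not the full AWS evaluation logic.

```python
import fnmatch

# Constructed sample policy (not from the notes): least-privilege read access to
# one hypothetical bucket, plus a guardrail denying any request made without MFA.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-notes", "arn:aws:s3:::example-notes/*"]},
        {"Effect": "Deny", "Action": "*", "Resource": "*",
         "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}}},
    ],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(patterns, value, ignore_case=False):
    # IAM wildcards are * and ?; action names are case-insensitive, ARNs are not.
    patterns = _as_list(patterns)
    if ignore_case:
        value, patterns = value.lower(), [p.lower() for p in patterns]
    return any(fnmatch.fnmatchcase(value, p) for p in patterns)

def _condition_holds(condition, context):
    for operator, keys in condition.items():
        if operator not in ("Bool", "BoolIfExists"):
            raise ValueError(f"operator not modelled here: {operator}")
        for key, expected in keys.items():
            if key not in context:
                if operator == "Bool":
                    return False       # plain Bool needs the key to be present
                continue               # ...IfExists passes when the key is absent
            if str(context[key]).lower() != str(expected).lower():
                return False
    return True

def evaluate(policy, action, resource, context):
    decision = "ImplicitDeny"          # nothing is allowed unless a statement says so
    for stmt in _as_list(policy["Statement"]):
        if not (_matches(stmt["Action"], action, ignore_case=True)
                and _matches(stmt["Resource"], resource)
                and _condition_holds(stmt.get("Condition", {}), context)):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny"      # an explicit deny always overrides an allow
        decision = "Allow"
    return decision
```

An empty request context stands in for a call made with a long-term access key, where the MFA key is absent; the BoolIfExists operator makes the deny apply to that case as well.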