Welcome, tech enthusiasts! In this blog series, I will be documenting my journey towards achieving the AWS Cloud Solutions Associate (CSA) certification. With regret, I missed the opportunity to record my experiences during my AWS Cloud Practitioner journey. However, this time around, I am determined to capture what I learn each week and share the resources I use. To support my certification pursuit, I have enrolled in the AWS CloudUp Program, which specifically assists women in obtaining their CSA certification.
Week 1: Identity and Access Management (IAM) Review
Let’s begin with an overview of IAM, which stands for Identity and Access Management. IAM allows you to manage user accounts and control their level of access to the AWS billing console. With IAM, you can:
- Create users and assign permissions to them.
- Establish groups and roles.
- Regulate access to AWS resources.
When you initially set up your AWS account, it is considered your “root account.” This account is associated with the email address used for AWS registration, granting it full administrative access. Consequently, securing this account becomes paramount.
Here are the steps to secure your AWS root account:
- Enable multi-factor authentication (MFA) for root access.
- Establish an admin group for your administrators and assign appropriate permissions.
- Create user accounts for your administrators.
- Add these users to the admin group.
To control user actions and access, you need to assign permissions using IAM policy documents. IAM policies are JSON documents that describe permissions within AWS.
These policies can be assigned to groups, users, and roles. Keep in mind that IAM users are created at a global level, so you do not select a region when creating one.
By default, users will not have permission to access anything on the AWS platform until an IAM policy is assigned to them.
Reminder: By default, new users have no permission to access anything on the AWS platform until an IAM policy is assigned to them.
IAM can be accessed through various means, including:
- AWS CLI
- AWS SDKs
- AWS Management Console
Additionally, AWS provides several services for identity and access management:
- Amazon Cognito is a service for simple and secure user sign-up, sign-in, and access control to your web and mobile apps.
- AWS Directory Services is a managed service that provides directories containing organizational information, including users, groups, computers, and resources, reducing management tasks.
- IAM is a service that enables you to securely manage access to AWS services and resources in your account. You can create users and groups and apply permissions to allow or deny access to AWS resources.
- AWS IAM Identity Center is a cloud single sign-on (SSO) service that facilitates central management of SSO access to multiple AWS accounts and business applications. It allows users to sign in to a user portal with their existing corporate credentials, with integrations to many business applications, including Microsoft Active Directory.
Resources
To aid my preparation for the AWS CSA certification, I am utilizing the following resources:
- Cloud Guru
- AWS Skill Builder
- Coursera
I invite you to comment, share, like, retweet, and follow me on Twitter @NicoleTalksTech
Conclusion:
In this first week of studying for the AWS Cloud Solutions Associate (CSA) certification, I dived into the fundamental concepts of Identity and Access Management (IAM). By understanding IAM, I can effectively manage user access to the AWS platform, ensuring security and compliance. Stay tuned for my next blog post, where I will explore another essential topic in my certification journey. Together, let’s unlock the vast potential of AWS!
I’m Nicole, a Cloud & AI Strategy Architect with a rich background in cloud services, data analytics, and an advocate for ethical AI. Based in the Greater Seattle Area, I am currently shaping the future of cloud cost efficiency and AI integration.