Identity and Access Management on AWS

Author: Brian Eiler

Identity and Access Management on AWS is an integral part of ensuring the correct people have access to the appropriate services, applications, and organizations.

What you will learn

  • While completing this path you will learn the basics of creating and managing users, groups, roles, policies, and more. You’ll also learn the basics of setting up an organization on AWS.

Pre-requisites

This path is intended for a beginning learner on AWS. General cloud computing knowledge is helpful but not required.

Beginner

In this section you will learn how to create a User. You’ll also learn how to define roles and groups for your users.

Identity and Access Management on AWS: Users

by Brian Eiler

Feb 22, 2019 / 1h 43m

Description

At the core of Identity and Access Management (IAM) usage in AWS is a thorough knowledge of users and their purpose. In this course, Identity and Access Management on AWS: Users, you’ll learn how to properly create and use IAM users and optionally federate them with external directory services. First, you’ll learn about the root user that is the only user in a new account and why this user should be used to set up the IAM user that will do the rest of the configuration. Next, you’ll explore how to create users for both Management Console and programmatic access, as well as how to secure that access. Finally, you’ll discover how to federate IAM in AWS with external authentication services, such as Active Directory and web identities (including Amazon, Google, and Facebook), as well as other frameworks like OpenID and SAML. When you’re finished with this course, you’ll have a foundational knowledge of users in IAM on AWS that will help you as you move forward with securing your AWS infrastructure.

Table of contents
  1. Course Overview (1m)
  2. Introducing IAM on AWS (21m)
  3. Creating and Maintaining Individual Users (48m)
  4. Incorporating Federation (32m)

Identity and Access Management on AWS: Roles and Groups

by Brian Eiler

Feb 25, 2019 / 2h 30m

Description

Using individual users for all access control is fine for small companies, but when you have tens, hundreds, thousands, or more users and interactions with other companies, this doesn’t scale well. Additionally, auditing the use of the various users, groups, and roles is critical to organizations of all sizes. In this course, Identity and Access Management on AWS: Roles and Groups, you will gain the ability to manage organizations of any size and to use roles properly. You'll also learn how to describe the various tools that are available to audit and manage the use of IAM. First, you will examine how groups can be used to simplify the management of collections of users. Next, you will discover the various use cases for roles, including some of the types of roles that help in those use cases. The role of the Security Token Service (STS) in relation to roles will be discussed. Best practices in relation to roles are also an important topic to be considered, as roles are one of the most misunderstood things in all of IAM. Finally, you will discover how to use the various tools that Amazon provides to manage, optimize, and audit IAM and the use of IAM permissions, including Credential Report, Access Advisor, CloudTrail, Trusted Advisor, and AWS Config. When you’re finished with this course, you will have the skills and knowledge to use roles and groups to secure your AWS infrastructure and to audit and optimize usage of IAM in AWS.

Table of contents
  1. Course Overview (1m)
  2. Introducing IAM Groups on AWS (39m)
  3. AWS IAM Roles (45m)
  4. IAM Access Control (1h 3m)

Intermediate

In this section you’ll learn about the policies and permissions that your users and services will need.

Identity and Access Management on AWS: Policies and Permissions

by Brian Eiler

Feb 26, 2019 / 2h 21m

Description

At the core of Identity and Access Management (IAM) usage in AWS is a thorough knowledge of policies and permissions. In this course, Identity and Access Management on AWS: Policies and Permissions, you’ll learn how to choose the appropriate policy type, create and manage custom policies, and determine the effective policies given a scenario. First, you’ll learn what policies are and how they are structured, along with the various types available. Next, you’ll explore how to evaluate policies, including the Policy Simulator tool to determine the exact policies that are in place and from where permissions are granted or denied. Finally, you’ll discover how to use advanced policy options, including policy conditions and permission boundaries to control the exact policies desired in a very fine-grained way. When you’re finished with this course, you’ll have a strong foundational knowledge of policies and permissions to provide the authorization to perform tasks in AWS that will help you as you secure your AWS infrastructure.

Table of contents
  1. Course Overview (1m)
  2. Implementing IAM Policies (1h 5m)
  3. Policies (1h 15m)

Advanced

In this final section you’ll learn about designing an overall AWS Organization and how you will go about implementing the entire org.

Identity and Access Management on AWS: Designing and Implementing an AWS Organization

by Brian Eiler

Feb 26, 2019 / 2h 24m

Description

For small organizations, a single AWS account may be all that is required, but for many organizations, multiple accounts are a fact of life, whether for security, business/finance reasons, or due to mergers and acquisitions. Managing multiple accounts is a big challenge, but one for which AWS has provided tools. In this course, Identity and Access Management on AWS: Designing and Implementing an AWS Organization, you will gain the ability to manage multiple AWS accounts leveraging AWS tools and best practices. First, you will learn why multiple accounts may be needed, what the AWS Organizations feature is and how it can help in the management of those accounts, and the role of Organizational Units (OUs) in an Organization. Next, you will discover how to leverage Service Control Policies (SCPs) to gain finer-grained control over what IAM accounts can do within an AWS account. Finally, you will explore how to monitor an Organization, leverage Security Hub, and see how the Landing Zone concept can be used to deploy accounts according to best practices. When you’re finished with this course, you will have the skills and knowledge about AWS Organizations needed to effectively create, manage, and monitor multiple AWS accounts.

Table of contents
  1. Course Overview (1m)
  2. Creating and Managing an AWS Organization (1h 7m)
  3. Managing Organization Policies (33m)
  4. Organization Integration and Best Practices (42m)