Difference between revisions of "AWS Identity and Access Management (IAM)"
Jump to navigation
Jump to search
↑ https://en.wikiversity.org/wiki/Cloud_computing/Amazon_Web_Services/Identity_and_Access_Management
↑ https://aws.amazon.com/blogs/aws/new-managed-policies-for-aws-identity-access-management/
↑ https://aws.amazon.com/blogs/security/how-to-assign-permissions-using-new-aws-managed-policies-for-job-functions/
↑ https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html
↑ https://aws.amazon.com/es/blogs/security/easier-way-to-control-access-to-aws-regions-using-iam-policies/
(33 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | Amazon in 2012 introduces AWS Identity and Access Management (IAM) for EC2 <ref>https://en.wikiversity.org/wiki/Cloud_computing/Amazon_Web_Services/Identity_and_Access_Management</ref>. In February introduced Managed [[Policies]] by AWS<ref>https://aws.amazon.com/blogs/aws/new-managed-policies-for-aws-identity-access-management/</ref> and since November 2016 there are 10 different policies bases on job functions: <code>[[AdministratorAccess]]</code> (This policy grants full access to all AWS services, similar to root role in Unix systems), <code>Billing</code>,<code> Data Scientist</code>, <code>Database Administrator</code>, <code>Developer Power User</code>, <code>Network Administrator</code>, <code>Security Auditor</code>, <code>Support User</code>, <code>System Administrator and View Only User</code> <ref>https://aws.amazon.com/blogs/security/how-to-assign-permissions-using-new-aws-managed-policies-for-job-functions/</ref><ref>https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html</ref> | + | Amazon in 2012 introduces AWS Identity and Access Management ([[IAM]]) for EC2 <ref>https://en.wikiversity.org/wiki/Cloud_computing/Amazon_Web_Services/Identity_and_Access_Management</ref>. In February introduced Managed [[Policies]] by AWS<ref>https://aws.amazon.com/blogs/aws/new-managed-policies-for-aws-identity-access-management/</ref> and since November 2016 there are 10 different policies bases on job functions: <code>[[AdministratorAccess]]</code> (This policy grants full access to all AWS services, similar to root role in Unix systems), <code>Billing</code>,<code> Data Scientist</code>, <code>Database Administrator</code>, <code>Developer Power User</code>, <code>Network Administrator</code>, <code>Security Auditor</code>, <code>Support User</code>, <code>System Administrator and View Only User</code> <ref>https://aws.amazon.com/blogs/security/how-to-assign-permissions-using-new-aws-managed-policies-for-job-functions/</ref><ref>https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_job-functions.html</ref> |
+ | * [[AWS managed policies]] | ||
+ | * [[AWS managed Job functions]] | ||
+ | == Examples policies == | ||
+ | * <code>[[aws:RequestedRegion]]</code> (April 2018) <ref>https://aws.amazon.com/es/blogs/security/easier-way-to-control-access-to-aws-regions-using-iam-policies/</ref> | ||
* <code>[[iam:ChangePassword]]</code> | * <code>[[iam:ChangePassword]]</code> | ||
+ | * <code>arn:aws:iam::aws:policy/[[ReadOnlyAccess]]</code> | ||
+ | == News == | ||
+ | * [[AWS timeline|Nov 2022]] assign multiple [[MFA]] devices in IAM https://aws.amazon.com/blogs/security/you-can-now-assign-multiple-mfa-devices-in-iam/ | ||
+ | * Dec 2019 [[AWS IAM Access Analyzer]] | ||
+ | * Feb 2015 [[AWS Security Token Service (STS)]] in Every AWS Region | ||
+ | * Oct 2013 [[AWS IAM policy simulator]] | ||
+ | |||
+ | == Activities == | ||
+ | * Read https://stackoverflow.com/questions/tagged/amazon-iam?tab=Votes | ||
+ | * [[Granting access to your billing information and tools]] | ||
+ | * [[Using temporary credentials with AWS resources]]: <code>[[aws sts get-session-token]]</code> | ||
== Related terms == | == Related terms == | ||
* [[SigV4]] | * [[SigV4]] | ||
− | * [[AWS IAM | + | * [[Azure Identity and access management (IAM)]] |
+ | * <code>[[gcloud iam]]</code> | ||
+ | * <code>[[aws-iam-authenticator]]</code> and [[EKS]] | ||
+ | * [[AWS IAM role]] | ||
+ | * [[AWS IAM principal]] | ||
== See also == | == See also == | ||
− | * {{ | + | * {{AWS IAM}} |
− | |||
− | |||
− | |||
− | |||
− | [[Category: | + | [[Category:IAM]] |
− | |||
[[Category:AWS]] | [[Category:AWS]] |
Latest revision as of 11:38, 26 July 2024
Amazon in 2012 introduces AWS Identity and Access Management (IAM) for EC2 [1]. In February introduced Managed Policies by AWS[2] and since November 2016 there are 10 different policies bases on job functions: AdministratorAccess
(This policy grants full access to all AWS services, similar to root role in Unix systems), Billing
, Data Scientist
, Database Administrator
, Developer Power User
, Network Administrator
, Security Auditor
, Support User
, System Administrator and View Only User
[3][4]
Examples policies[edit]
aws:RequestedRegion
(April 2018) [5]iam:ChangePassword
arn:aws:iam::aws:policy/ReadOnlyAccess
News[edit]
- Nov 2022 assign multiple MFA devices in IAM https://aws.amazon.com/blogs/security/you-can-now-assign-multiple-mfa-devices-in-iam/
- Dec 2019 AWS IAM Access Analyzer
- Feb 2015 AWS Security Token Service (STS) in Every AWS Region
- Oct 2013 AWS IAM policy simulator
Activities[edit]
- Read https://stackoverflow.com/questions/tagged/amazon-iam?tab=Votes
- Granting access to your billing information and tools
- Using temporary credentials with AWS resources:
aws sts get-session-token
Related terms[edit]
- SigV4
- Azure Identity and access management (IAM)
gcloud iam
aws-iam-authenticator
and EKS- AWS IAM role
- AWS IAM principal
See also[edit]
- IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock,
iam:ChangePassword
,aws iam
,AdministratorAccess
, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies,IAMUserChangePassword
, AWS Roles, List of AWS policies, Resource-based policy,aws-iam-authenticator
, IRSA, RDS Authentication,AccessDenied
, AWS Authentication, AWS IAM external access analyzer
Advertising: