From the course: AWS for Architects: Advanced Security

Unlock the full course today

Join today to access over 22,400 courses taught by industry experts or purchase this course individually.

IAM users and groups

IAM users and groups - Amazon Web Services (AWS) Tutorial

From the course: AWS for Architects: Advanced Security

Start my 1-month free trial

IAM users and groups

- [Narrator] As we're starting to work with design of IAM systems for AWS, we really need to understand the different sections that we need to design. So let's start with first thinking about principles. Principles can be users, so people, roles, which could be groups of people, or it could be associated to services like EC2 instances. It could also be federated users, and what that means is users who log on with an authentication system that connects to the Amazon authentication system. So this could be something like an open ID, Facebook ID, a Google ID, so on and so forth. Also, applications are known as principles because they need to have some sort of identification within the system and that's called authentication. So the authentication then goes and makes a request and that request is including actions or operations on resources such as a particular S3 bucket or an EC2 instance, or a request for information. In the next section of the IAM flow, the request that comes in goes…

Contents