From the course: AWS for Architects: Advanced Security
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
IAM users and groups - Amazon Web Services (AWS) Tutorial
From the course: AWS for Architects: Advanced Security
IAM users and groups
- [Narrator] As we're starting to work with design of IAM systems for AWS, we really need to understand the different sections that we need to design. So let's start with first thinking about principles. Principles can be users, so people, roles, which could be groups of people, or it could be associated to services like EC2 instances. It could also be federated users, and what that means is users who log on with an authentication system that connects to the Amazon authentication system. So this could be something like an open ID, Facebook ID, a Google ID, so on and so forth. Also, applications are known as principles because they need to have some sort of identification within the system and that's called authentication. So the authentication then goes and makes a request and that request is including actions or operations on resources such as a particular S3 bucket or an EC2 instance, or a request for information. In the next section of the IAM flow, the request that comes in goes…