Visitor Counter

Visitor Counter

Friday, March 20, 2020

Identity Access Management (IAM)

In this post, I'm going to talk about Identity Access Management (IAM)

 

What is IAM?

 

Essentially, IAM allows you to control users and their access level to the AWS Console. It is important to understand the IAM and how it works for Administrating a company's AWS account.

 

What does the IAM give you?

  • Centralize control for AWS Accounts 

  • Shared access  to AWS accounts  

  • Multifactor authentication

  • Provide temporary access for users /devices /services 

     

     

Let see what is IAM Console is

 

 

 This the console interface when you log in 




Now go to the services tab top left corner and  select IAM from the list or you can search bar to search the services






When you select the IAM you will get this window four Options



When you click Create individual IAM users and click Manage users to get this window. the users are already created.





These are the main option for users Permissions, Groups, Tags, Security Credentials and Access advisor







These are the main option for Groups User, Permissions and Access advisor



Now we are going to add users to the groups I'm going to add user-1 to the S3-Support, user-2 to the EC2-Support, and user-3 to the EC2-Admin. The method will be the same for every user

Select the user Go to the group tab and click add a user to the group ad select the group that you want to add.

When you have added all the users to their groups you can see which groups there are in.





After creating the accounts we can use highlighted ink to log in to the accounts Copy that link and open the link in a new tab.


Note -: 

If you like you can change the link by clicking the CUSTOMIZE button and you can add  Account alias.

 

 

When you open the link it will be like this. log in using the user name and password


USER-1





 

Different users have different permissions this is user-1 

 

 

user-1 does not have permission to view or add users to groups.  Do not have permission to view Instances


USER-2









This is user-2 he has the permissions to view the Instances but, that user does not have permissions to stop the instances. When the user-2 try to stop the instances it gives an error.


USER-3

 





 

 This is user-3 he has the permissions to stop the Instances

Summary -:

Form this we can understand that IAM controls the user's permission, and the different users may have different access permissions.





Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Click hear to Visit my Facebook