AWS Classroom Series – 29/Jul/2020

Terms in IAM

  • Principal: A principal is a person or application that makes a request for an action or operation on AWS resources.
  • Request: The principal sends a request to AWS, and the request includes the following information:
    • Actions or operations
    • Resources
    • Principal
    • Resource data
    • Environment data

IAM Policy

  • An IAM policy is a JSON file; it can also be created from the visual editor.

  • Let's look at a couple of AWS managed policies.

  • Note: Creating EC2: Refer Here

  • Generally, the IAM policies managed by AWS apply to all resources.

  • In your enterprise,

    • We might also need to give resource-specific access
  • Let's understand how to create custom IAM policies

    • Prerequisites: JSON
    • AWS describes the structure to be used to create IAM Policy as IAM Policy Grammar Refer Here
  • Sample JSON policies

    • Admin:
    • EC2 read-only:
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": "ec2:Describe*",
                "Resource": "*"
            },
            {
                "Effect": "Allow",
                "Action": "elasticloadbalancing:Describe*",
                "Resource": "*"
            },
            {
                "Effect": "Allow",
                "Action": [
                    "cloudwatch:ListMetrics",
                    "cloudwatch:GetMetricStatistics",
                    "cloudwatch:Describe*"
                ],
                "Resource": "*"
            },
            {
                "Effect": "Allow",
                "Action": "autoscaling:Describe*",
                "Resource": "*"
            }
        ]
    }
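
To see the difference between an all-resources policy and a resource-specific custom policy, the following added example (not part of the original class notes) checks policy documents for Allow statements that apply to all actions or all resources. The function name `wildcard_findings`, the shortened copy of the read-only policy, and the account and instance IDs in the scoped policy are constructed for illustration.

```python
import json

def _as_list(value):
    # IAM grammar allows a single string or a list for Action/Resource,
    # and a single object or a list for Statement.
    return value if isinstance(value, list) else [value]

def wildcard_findings(policy):
    """Return (statement_index, actions, reason) for every Allow statement
    that is not limited to named actions or named resources."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if "*" in actions:
            findings.append((i, actions, "all actions"))
        elif "*" in resources:
            findings.append((i, actions, "all resources"))
    return findings

# The EC2 read-only policy from above, shortened to two statements.
READONLY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
   {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
   {"Effect": "Allow",
    "Action": ["cloudwatch:ListMetrics", "cloudwatch:Describe*"],
    "Resource": "*"}]}
""")

# Constructed custom policy: start/stop limited to one instance.
# The account ID and instance ID are placeholders.
SCOPED = json.loads("""
{"Version": "2012-10-17",
 "Statement": {
   "Effect": "Allow",
   "Action": ["ec2:StartInstances", "ec2:StopInstances"],
   "Resource": "arn:aws:ec2:us-east-1:111122223333:instance/i-0123456789abcdef0"}}
""")

if __name__ == "__main__":
    for name, doc in (("readonly", READONLY), ("scoped", SCOPED)):
        for idx, actions, reason in wildcard_findings(doc):
            print(f"{name}: statement {idx} allows {actions} on {reason}")
```

The findings on the read-only policy are expected: the `ec2:Describe*` actions do not support resource-level permissions, so they can only be granted with `"Resource": "*"`. Actions that change state, such as starting or stopping an instance, are the ones to scope to specific ARNs.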
    
