AWS Classroomnotes 20/Aug/2022

Writing Custom IAM Policies

  • Refer Here for IAM Policy Grammar
  • Global Conditional keys Refer Here
  • Refer Here for actions keys and resources of all aws services
  • Every Resource in AWS which we create gets a unique ARN (Amazon Resource Name)

Policy 1:

  • Lets create a policy which will give access to all the actions in S3
  • Refer Here for the policy created
  • Now lets assign this policy to a user and verify access
  • Now login as the testuser and verify access
  • S3 :
    • View
    • Create
    • Delete
  • Other Services:

Policy 2:

  • Create a policy which will give access to all resources in RDS and all resources in Dynamo DB
  • Refer Here for the changes
  • Next Steps:
    • We need to figure out a way to test policies effectively without manually checking
    • Give specific permissions to users or to groups and also specific regions, etc .

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About continuous learner

devops & cloud enthusiastic learner