AWS User Management Concepts
- AWS Organizations allows multiple AWS accounts to be organized and to share common policies
- Each AWS account has a service called IAM (Identity and Access Management), where users, groups and roles, i.e. authentication and authorization, are handled

AWS IAM Concepts:
- User: represents an individual
- Group: represents a group of individuals with a common set of permissions
- Role: represents permission given to one AWS service to access other AWS services
- Policy: represents a list of Allow or Deny permissions, written in JSON
- We will work mostly with AWS IAM, and with Identity Center for a few scenarios
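
To make the Policy concept concrete, here is an added example (not part of the original notes): a constructed JSON policy with one Allow and one Deny statement, plus a simplified evaluator showing how the two combine. The bucket name `example-bucket` and the helper names are assumptions; real IAM evaluation also considers conditions, principals and other policy types, which this sketch ignores.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policy; "example-bucket" is a placeholder name.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "AllowRead", "Effect": "Allow",
     "Action": ["s3:GetObject", "s3:ListBucket"],
     "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]},
    {"Sid": "DenySecrets", "Effect": "Deny",
     "Action": "s3:*",
     "Resource": "arn:aws:s3:::example-bucket/secrets/*"}
  ]
}
""")


def _matches(patterns, value, ignore_case=False):
    """True if value matches any pattern; '*' and '?' act as wildcards."""
    if isinstance(patterns, str):   # JSON allows a single string or a list
        patterns = [patterns]
    if ignore_case:                 # IAM action names are case-insensitive
        value, patterns = value.lower(), [p.lower() for p in patterns]
    return any(fnmatchcase(value, p) for p in patterns)


def evaluate(policy, action, resource):
    """Simplified decision for one identity policy (hypothetical helper).

    An explicit Deny always wins, an Allow applies only if no Deny
    matches, and anything not allowed is implicitly denied.
    """
    decision = "ImplicitDeny"
    for stmt in policy["Statement"]:
        if not (_matches(stmt["Action"], action, ignore_case=True)
                and _matches(stmt["Resource"], resource)):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny"
        decision = "Allow"
    return decision


if __name__ == "__main__":
    bucket = "arn:aws:s3:::example-bucket"
    for action, key in [("s3:GetObject", "/reports/q1.csv"),
                        ("s3:GetObject", "/secrets/key.pem"),
                        ("s3:PutObject", "/reports/q1.csv")]:
        print(action, key, "->", evaluate(POLICY, action, bucket + key))
```

The second request is covered by both statements, and the Deny wins; the third is covered by neither, so it falls through to the default deny.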
Scenarios
- Your company already has users in some identity and access management system
- Recreate users
- Sync/Federate users
- Permission management
- Multiple Accounts i.e. Organizations
Skills Required
- JSON
