IAM Roles
- IAM Roles are permissions provided to AWS resources to access other resources.
- Watch the classroom video on giving an EC2 instance access to S3 buckets
Azure
- In Azure, identities come from Microsoft Entra ID (Azure AD)
- Let's create a user in Microsoft Entra and set up an authenticator.
- When this user attempts to log in to Azure, the login will succeed, but the user will not have any access
- To provide access in Azure, we have to use Azure RBAC (role-based access control)
- Azure also has lots of predefined roles. (Azure Role == AWS Policy)
- Common Azure roles
  - Contributor => Full permissions but cannot give access to others
  - Owner => Full permissions
  - Reader => Read-only permissions
- In Azure, giving a user a permission (i.e. a role) is referred to as a role assignment
- Watch classroom recording
- Azure has a system-assigned identity, which gives a resource a service principal
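
The sketch below is an added example, not part of the original notes or any Azure SDK. It models how a role assignment turns into an allow decision and why Contributor cannot grant access to others. The role definitions are abridged, the user names and subscription ID are constructed, and scope inheritance goes slightly beyond what the notes cover.

```python
from fnmatch import fnmatchcase

# Abridged built-in role definitions (Contributor's NotActions list is shortened).
ROLES = {
    "Owner": {"Actions": ["*"], "NotActions": []},
    "Contributor": {"Actions": ["*"], "NotActions": [
        "Microsoft.Authorization/*/Delete",
        "Microsoft.Authorization/*/Write",
        "Microsoft.Authorization/elevateAccess/Action"]},
    "Reader": {"Actions": ["*/read"], "NotActions": []},
}

# Constructed sample scopes; the subscription ID is a placeholder.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
RG = SUB + "/resourceGroups/rg-demo"
STORAGE = RG + "/providers/Microsoft.Storage/storageAccounts/demostore"

# Role assignments as (principal, role, scope). "dave" exists but has none.
ASSIGNMENTS = [("alice", "Owner", SUB), ("bob", "Contributor", RG),
               ("carol", "Reader", RG)]

GRANT_ACCESS = "Microsoft.Authorization/roleAssignments/write"


def _matches(patterns, operation):
    # Operation names compare case-insensitively; fnmatch's '*' covers the
    # wildcard used in role definitions (it also matches across '/').
    op = operation.lower()
    return any(fnmatchcase(op, p.lower()) for p in patterns)


def role_allows(role_name, operation):
    # Effective permissions of one role: Actions minus NotActions.
    role = ROLES[role_name]
    return (_matches(role["Actions"], operation)
            and not _matches(role["NotActions"], operation))


def in_scope(assignment_scope, resource_id):
    # An assignment applies at its scope and everything beneath it.
    a, r = assignment_scope.rstrip("/").lower(), resource_id.rstrip("/").lower()
    return r == a or r.startswith(a + "/")


def is_allowed(assignments, principal, operation, resource_id):
    # No matching assignment means no access, even for a valid login.
    return any(p == principal and in_scope(scope, resource_id)
               and role_allows(role, operation)
               for p, role, scope in assignments)


if __name__ == "__main__":
    for user in ("alice", "bob", "carol", "dave"):
        print(user, is_allowed(ASSIGNMENTS, user, GRANT_ACCESS, RG))
```

NotActions only subtracts from the same role's Actions; it is not a deny, so a second assignment (for example Owner) can still grant the operation.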
