Follow these best practices for using AWS Identity and Access Management (IAM) to help secure your AWS account and resources.| docs.aws.amazon.com
Learn how to request temporary security credentials from AWS Security Token Service.| docs.aws.amazon.com
Learn the maximum number and size quotas, name requirements, and character limits available in IAM and AWS STS.| docs.aws.amazon.com
Learn how to use IAM identity-based policies to grant users and roles access to Amazon EBS.| docs.aws.amazon.com
Learn how to create customer managed policies in IAM to define permissions for identities and resources using the AWS Management Console, AWS CLI, or API.| docs.aws.amazon.com
CIEM is a specialized access management approach that provides visibility and control for cloud environments. IAM manages user identities, permissions, and roles across your organization's IT resources.| wiz.io
How to authenticate requests and manage access to your Amazon S3 resources.| docs.aws.amazon.com
Learn about the AWS Identity and Access Management (IAM) policies and permissions that are available in Amazon S3.| docs.aws.amazon.com
Learn how to control user access to your Amazon EC2 resources.| docs.aws.amazon.com
Use the IAM policy simulator to test and troubleshoot IAM policies that are attached to users, IAM groups, roles, or resources.| docs.aws.amazon.com
Learn how policies can be used to set the permissions boundary for a user or role.| docs.aws.amazon.com
Describes the Principal element of the AWS JSON policy language.| docs.aws.amazon.com
Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider. Example providers include the OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID Connect-compatible identity provider such as Google or| docs.aws.amazon.com
Learn the relationship of IAM users to credentials, permissions, and AWS accounts.| docs.aws.amazon.com
Learn about AWS policies and how they work to define permissions for AWS services and resources.| docs.aws.amazon.com
Learn how and when to use IAM roles.| docs.aws.amazon.com
We've Moved to the AWS Docs! 🚀| aws.github.io
Recently I decided to sit down and further lock down my personal AWS account. I haven’t used it for much other than S3 storage of macOS installers and in turn had not configured things as securely as I would have liked. The following post walks you through how to lock down an AWS account that is used by a single user. A lot of the recommendations apply just as much to an account with multiple users as well.| Scott Knight
This article was originally posted on the Amazon Web Services Security Blog. AWS CloudFormation is a service that lets you create a collection of related Amazon Web Services and third-party resources and provision them in an orderly and predictable fashion. A typical access control pattern is to delegate permissions for users to interact with CloudFormation and remove or limit their permissions to provision resources directly. You can grant the AWS CloudFormation service permission to create ...| packetmischief.ca
There can be times when you're working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example: A contractor or a specialist needs to perform some work on your behalf. You're having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account. You're conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something. In each of these cases you likely want to grant the per...| packetmischief.ca
This post is part of an open-ended series I'm writing where I take a specific protocol, app, or whatever-I-feel-like and focus on five functional aspects of that thing in order to expose some of how that thing really works. The topic in this post is the AWS Identity and Access Management (IAM) service. The IAM service holds a unique position within AWS: it doesn't get the attention that the machine learning or AI services get, and doesn't come to mind when buzzwords like "serverless" or "cont...| packetmischief.ca