IAM Users ,Groups and Policies

-

 Hello Friends, In this post, I would like to write more about IAM and what it is in simple words. IAM stands for Identity and Access Management. It is one of the global services in the AWS console. User management in AWS is done through the IAM section. When we create an AWS account, our root account is created by default which we should not be used and share with our colleagues. 

Instead, we can create users in IAM and group them as well. Groups only contain users and not the other groups. Users can belong to several groups.

IAM Policy

    It's a JSON document that consists of a set of statements as given below. Policy document defines set of permissions for users. 
  


Version 

This is the policy language version used to process a policy. To use all of the available features of policy we can set "Version": "2012-10-17" as a version.

Statement 

  • Sid: Identifier of statement. it's optional. 

  • Effect: Allow/Deny. By default this is Deny. Action can be allowed or denied for specified resources.

  • Action: Its API Action for example S3 has different APIs like GetObject, PutObject etc.

  • Resource: Actual list of resources that will affect by the action.

  • Condition: It's an optional element and decided when actions are to be applied.

Security 

    Keep your passwords for higher security of your account. Allow IAM users to change their password and also set some expiration so that users can change it overtimes. As a rule of thumb don't reuse the same password.
We can set Multi-Factor Authentication for better security so that the account won't be compromised even if the password is stolen or hacked.

This is all about IAM users and groups in simple and easy language. Feel free to post your questions if any in the comments below. Thanks!!!  


IAM Roles 

IAM roles are required for services that will need to perform actions on your behalf. We have to assign permissions to AWS services with IAM Roles. Common roles are Ec2 Instance Roles, Lambda functions roles, and Roles for cloud formation.





Comments

Post a Comment

Popular posts from this blog

HashMap Implementation with a Balanced Tree

-
Image
  In Java 8, the HashMap implementation was enhanced to use balanced trees (specifically, red-black trees) instead of linked lists in certain situations to improve performance. Here's a detailed explanation of how and why this change was made: Background In a typical HashMap , each bucket (or bin) in the underlying array is a linked list that holds all the entries with the same hash code. This means that if many keys hash to the same bucket (i.e., there are hash collisions), the time complexity for operations like get , put , and remove degrades from O(1) to O(n) in the worst case, where n is the number of elements in the bucket. Changes in Java 8 To address this performance degradation, Java 8 introduced the use of balanced trees (red-black trees) for bins with a high number of collisions. The basic idea is to use a linked list for buckets with a small number of entries and switch to a red-black tree once the number of entries in a bucket exceeds a certain threshold (specificall...
Read more

Most frequently asked interview questions and answers on Microservices Architecture

-
Image
These questions cover a range of topics, from basic concepts to advanced strategies, and are designed to test the depth and breadth of an experienced professional's knowledge in microservices and distributed systems.   General Microservices Concepts What are microservices? How do they differ from monolithic architecture? Answer : Microservices are a design approach where an application is composed of loosely coupled services. Each service is fine-grained and performs a single function. Unlike monolithic architecture, where the entire application is built as a single unit, microservices allow for independent development, deployment, and scaling of each service. Can you explain the benefits and challenges of microservices architecture? Answer : Benefits include improved modularity, scalability, technology diversity, and resilience. Challenges involve managing distributed systems, handling data consistency, increased complexity in deployment, monitoring, and communication between serv...
Read more

Core Java Interview Questions

-
Image
 Core Java Interview Preparation  Welcome Friends to the Bright Tech Bits, in this post I am trying to cover the most asked interview questions for Java, Spring Boot, and Microservices. These questions are helpful for freshers as well as experienced ones. What is Method Hiding - static method overriding  in subclass  String constant pool List the different collections you are aware of. What is fail-safe and fail fast iterators Questions on Hashmap internal working  Difference between comparable and comparator interface. Difference between Array and ArrayList  Difference between HashMap and ConcurrentHashMap What is serialization and externalization, use of transient keyword Checked/Unchecked Exceptions How to create our own custom checked execption What is need of serialization. What is diff between wait and notify method in multithreading. Design Patterns - Creational , structural, Behavioral  Singletone Design pattern implementations  ...
Read more