01 Securing the Root Account
In this section, we are going to discuss how we are going to manage AWS accounts.
1. What is IAM?
IAM stands for Identity Access Management and essentially it allows you to manage users and their level of access to the AWS console and allows you to go ahead and create users and grant permissions to those users.
In IAM we can also create groups and roles. IAM basically used to control access for the AWS resources.
2. What is Root Account?
The root account has full administrative access to AWS and It's the email address used to sign up for AWS.
Hands-On
IAM Dashboard
LAB 1
When you first sign up for the AWS account with your root account, you need to add MFA for your root user.
Step 01
Click on the "Add MFA" button.
Step 02
Add a device name. Here I will add "Redmi"
Now you can download any authenticator app for your smartphone. In the above image, I have selected "Authenticator app". Select that and scroll down and go ahead to Next.
Step 03
In this step, you will able to see the QR code and you can do the setup device.
Let's assume we used the Google Authenticator app. Once you scan the QR code you will need to add two MFA codes from your device.
After adding those you will able to see your device has been added to your AWS account.
Exam Tips
- Enable MFA on the root account.
- Create an admin group for administrators, and assign the appropriate permissions to that group.
- Create user accounts for your administrators.
- Add your users to the admin group.
Top comments (0)