What can iam(identity access management) do to you as an organization or individuals?. let me help you to get the basic knowledge about it.
IAM is a service that allows you to manage users and their access to the AWS console. With IAM, you can create users, grant permissions, and manage access to your AWS resources. It also enables you to create groups and roles , let say you have a company called "TechGuru" , your company will have software developer , HR manager, E.T.C, now these people will need resources of the company to work with thereby, you need to create users for each of your workers right?, yes IAM can help you to do that and your company might have various department which this department are groups and they will also need resources to work with , IAM can also help you to do that.
Now let learn how to create users for your workers and also adding then to groups if needed
Sign in to the AWS Console: Log in using your root account credentials.
search for IAM and click on the IAM
Now click on create user
now input the name of the user and the user can generate his/her passwords but in this case i will allow aws to generate a password for me
We can learn that a user can only change his/her password and username but can not access the company resources unless he/she is given permission. Before we give the permissions , let imagine the user we just created is part of IT department , let create a group for IT department because any permission we assign to the group, any user within that group can have this permission ,so we don’t need to give each user permission, they will just inherit it from the group.
if you look at the picture down here 👇 you will see "add user to the group " since we don’t have a group, let create a group by clicking on create group
looking at the image below , i have given the group name "IT DEPARTMENT"
Now before we click on create user , we need to give it permission
what are permission ? Permissions in AWS are controlled using IAM policy documents, which are written in JSON (JavaScript Object Notation). These documents specify what actions are allowed or denied for a particular user, group, or role.
Here’s a basic example of a JSON policy document:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}
]
}
now if you don't understand what this code above is , don't worry , we will cover that in the later lesson
Now let give our group permission
From the picture above we have given the group some permission, now let create the group
Now we can see that our group is created and i have clicked on the group and now we can create user by clicking on the next button
looking at the picture above this is just the review section , so let check if everything is okay and correct, let click on create user
looking at the picture above we can see that we have create a user
you can download load the .cv file to see the user credential , now let return to our user list to see our user
Now our user is created.
Join me next week as we dive into s3(Simple Storage Services)
Thank you.
Top comments (0)