Getting Started With AWS
AWS
- Most functionality: AWS has significantly more services, and more features within those services, than any other cloud provider, from infrastructure technologies like compute, storage, and databases to emerging technologies such as machine learning and artificial intelligence, data lakes and analytics, and Internet of Things.
- Easy to use: AWS is designed to allow application providers to quickly and securely host your applications.
- Cost-effective: You pay only for the compute power, storage, and other resources you use, with no long-term contracts or up-front commitments.
- Scalable and high-performance: Using AWS tools, Auto Scaling, and Elastic Load Balancing, your application can scale up or down based on demand.
- Secure: AWS utilizes an end-to-end approach to secure and harden its infrastructure, including physical, operational, and software measures.
What is an IAM user?
An AWS Identity and Access Management (IAM) user is an entity that you create in AWS to represent the person or application that uses it to interact with AWS.
It provides two essential functions:
- Authentication: It validates the identity of the user using the user credentials (username and password). Advanced authentication involves MFA (multi-factor authentication) and is done by sending codes using software such as Okta Verify.
- Authorization: Once a user is authenticated, authorization determines the access rights for the user and limits access to only the resources permitted for that specific user.
Four Entities in IAM
Users: A user is the basic entity in IAM. A user is a person or a service, such as an application or platform, which interacts with the cloud environment.
You need the user's credentials, i.e. username and password, in order to log in as that IAM user.
Groups: A group is a collection of users that have the same permissions and policies. Any permissions attached to a group are automatically assigned to all users in that group.
One user can be present in multiple groups and has the permissions of each of those groups.
You can update the policies of an IAM user or group at any time, either while creating it or after it has been created.
Roles: A role is an identity that is not associated with any specific user. Roles do not use passwords and can be assumed by authorized users.
Roles enable different users to temporarily assume different permissions for different tasks.
Policies : Policies are AWS objects that are attached to users, groups, roles or resources that define the permissions granted to those identities.
When a user tries to access a resource, the request is checked against the associated policies. If the request is permitted, then it is granted. If not, it is denied.
AWS policies fall into six different categories: identity-based policies, resource-based policies, permission boundaries, service control policies, access control lists and session policies.