Chapter overview

In this chapter, we are going to learn about AWS IAM. We will go through various IAM tools and features and their use cases and look at ways in which we can access IAM. We will deep dive into IAM authentication and authorization. Authentication includes identities such as users, roles, and groups, and authorization talks about access management, permissions, and policies for AWS resources. We'll walk through the benefits of IAM and how it can help us secure our AWS resources. Finally, we'll take a look at IAM best practices.

The following is a snapshot of what we'll cover in this chapter:

• IAM features and tools
• IAM authentication
• IAM authorization
• AWS credentials
• IAM limitations
• IAM best practices

This chapter will help us understand user authentication and access control in detail. Essentially, IAM is our first step towards securing our AWS resources. All of us who have used a laptop or a mobile phone understand that access control plays a vital part in securing our resources. So, if a person gets hold of your credentials, it will be disastrous from the point of view of data security. Ensuring your credentials are secure, having trusted entities interacting with your AWS resources, and having stringent controls as well as greater flexibility allows you to support multiple use cases with a wide variety of AWS resources.

Along with learning about all available IAM features, we will also learn how to create, monitor, and manage various identities, their credentials, and policies. Additionally, we'll look at Multi-Factor Authentication (MFA), Secure Token Service (STS), and tools such as IAM policy simulator.

Following on, we'll deep dive into identities and policies. We'll learn what tools and features are available in AWS IAM to support a myriad of use cases for allowing access and performing actions on AWS resources. We will go through the various credentials that AWS provides and how to manage them.

We'll go through IAM limitations for various entities and objects. Lastly, we'll take a look at IAM best practices that are recommended to ensure that all your resources can be accessed in a secure manner.