AWS Security Services
- IAM
- KMS
IAM Introduction
- IAM has a global view
- Permissions are managed by Policies (JSON)
- Least privilege principles
IAM Federation
- For big companies / organizations
- So users can log in to AWS using their company credentials
IAM Summary
- One IAM User per PERSON
- One IAM Role per Application
- IAM credentials should be kept secret
- Never write IAM credentials in code.
- NEVER COMMIT YOUR IAM credentials
- Never use the ROOT account except for initial setup.
- Never use ROOT IAM Credentials