Deep Dive with Security: AWS Identity and Access Management (IAM)
Offered By: Amazon Web Services via AWS Skill Builder
Course Description
Overview
As you build and deploy on AWS, granting developers and applications the right access to the right resources is critical to security. This self-paced course provides a deep dive into AWS Identity and Access Management (IAM) and best practices for using IAM policies. This course also covers advanced concepts, such as identity federation, temporary credentials, AWS Single Sign-On, and ways to troubleshoot access issues.
- Course level: Advanced
- Duration: 8 hours
Activities
This course includes demonstrations and assessments.
Course objectives
In this course, you will learn to:
- Use and differentiate between role-based and attribute-based access controls
- Leverage global and IAM condition keys according to best practices
- Interact with AWS Security Token Service (AWS STS) for temporary credentials
- Manage IAM session policies and duration to scope down permissions
- Create an IAM identity provider
- Demonstrate how you can use AWS Single Sign-On in identity federation
- Troubleshoot IAM access issues
Intended audience
This course is intended for:
- Security professionals with working knowledge of AWS
- Users with an AWS account looking to build their knowledge on how best to use IAM
Prerequisites
We recommend that attendees of this course:
- Have 1-2 years of experience using IAM to manage access via policies and roles
- Have taken the AWS Security Fundamentals (2nd Edition) digital training or attended the AWS Security Essentials classroom training
Course outline
Module 1: AWS Identity and Access Management Review
- IAM Fundamentals
- IAM Policy Basics
- Policy Evaluation Overview
Module 2: Access Control Deep Dive
- The Matching Game
- Attributes and Tagging
- IAM Condition Keys
- Global Condition Keys
- Advanced Policy Elements
Module 3: Access Delegation Deep Dive
- Interacting with AWS STS
- Managing Role Sessions
- Session Tagging
Module 4: Identity Federation Deep Dive
- Federating Users in AWS
- SAML-Based Federation
- Web-Based Federation
- AWS SSO for User Federation
Module 5: Access Analysis and Troubleshooting
- IAM Policy Simulator
- IAM Access Analyzer
- Viewing Access History
- Troubleshooting with AWS CloudTrail
Tags
Related Courses
AWS IAM (Identity and Access Management) - Deep DiveA Cloud Guru Introduction to Amazon Cognito
A Cloud Guru Actualización automática de los grupos de seguridad con AWS Lambda (Español LATAM) | Update Security Groups Automatically Using AWS Lambda (LATAM Spanish)
Amazon Web Services via AWS Skill Builder Aggiornamento automatico dei gruppi di sicurezza mediante AWS Lambda (Italiano) | Update Security Groups Automatically Using AWS Lambda (Italian)
Amazon Web Services via AWS Skill Builder Applicazioni web serverless mediante Amazon DynamoDB - Parte 1 (Italiano) | Serverless Web Apps using Amazon DynamoDB - Part 1 (Italian)
Amazon Web Services via AWS Skill Builder