Policy Creation Challenge

Languages Available: Deutsch | Español (Latinoamérica) | Español (España) | Français | Bahasa Indonesia | Italiano | 日本語 | 한국어 | Português (Brasil) | 中文（简体) | 中文（繁體)

This lab takes you through the process of writing AWS Identity and Access Management (IAM) policies that leverage conditional statements. You will practice building policies following the principle of least privileges to ensure that IAM users have access to resources that fall under only their job function. You will test the policies you create against different three-tier web applications that have different tags and that you launch in different Regions. Completing this lab will allow you to see how conditional statements are beneficial in locking down access to your account resources.

Level

Advanced

Duration

2 Hours 0 Minutes

Course Objectives

In this course, you will learn how to:

• Create IAM policies, and groups
• Attach policies to groups
• Write conditional statements to limit user access to resources
• Leverage tagging to enhance resource access

Intended Audience

This course is intended for:

• Architects
• Security Engineers

Prerequisites

We recommend that attendees of this course have the following prerequisites:

• None

Course Outline

• Task 1: Understanding the architectures you are working with
• Task 2: Creating policies and groups
• Task 3: Verifying user access