Identity Access Management
What is Cloud Web Services?
The term “cloud web services” refers to a good range of services delivered on demand to companies and customers over the web . These services are designed to supply easy, affordable access to applications and resources, without the necessity for internal infrastructure or hardware. From checking email to collaborating on documents, most employees use cloud services throughout the workday, whether they’re aware of it or not.
What is IAM?
• IAM may be a cloud service that controls the permissions and access for users and cloud resources.
• IAM policies are sets of permission policies which will be attached to either users or cloud resources to authorize what they access and what they will do with it.
• The core objective of IAM systems is one digital identity per individual.
• This service is offered by almost all of the Cloud Service Provider.
Where do we use it?
• Fine-grained access control to cloud resources:
• This defines refined access to the employees to a particular section or department/resource of the cloud.
• Multi-factor authentication for highly privileged users:
• This defines a security feature namely multi-factor authentication, that helps to accurately identify a user on multiple factors.
• Analyse or monitor access:
• This defines a component to analyse or monitor the access or activities performed by the individual user or group at a particular time.
IAM in AWS
• AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely.
• Using IAM, you’ll create and manage AWS users and groups, and use permissions to permit and deny their access to AWS resources.
• IAM may be a feature of your AWS account offered at no additional charge. You will be charged just for use of other AWS services by your users.
How IAM in AWS works?
Manage IAM users and their access -
• you’ll create users in IAM, assign them individual security credentials.
• you’ll manage permissions so as to regulate which operations a user can perform.
Manage IAM roles and their permissions -
• you’ll create roles in IAM and manage permissions to regulate which operations are often performed by the entity, or AWS service, that assumes the role.
• you’ll also define which entity is allowed to assume the role.
Managing IAM in AWS
In this blog we will get to know how we can manage IAM with the following factors:
• Users
• Groups
• Policy
• Roles
Managing IAM Users
We will create a user using IAM service in AWS Management Console following the below steps:
• Click on Service >> IAM
• Onto dashboard Click on Users.
• Click on Add User >> Fill the required Details as per the usage.
• Assign Roles/Policies as per the requirement.
• Review the configuration.
• Kudos! The process has completed and User is been created.
Managing IAM Groups
We will create a Group using IAM service in AWS Management Console following the below steps:
• Click on Service >> IAM
• Onto dashboard Click on Groups.
• Click on Add Group >> Fill the required Details as per the usage.
• Assign Roles/Policies as per the requirement.
• Review the configuration.
• Kudos! The process has completed and Group is been created.
Managing IAM Policy
We will create a Policy using IAM service in AWS Management Console following the below steps:
• Click on Service >> IAM
• Onto dashboard Click on Policies.
• Click on Create Policy >> Choose Service >> Define Actions >> Requisites.
• Review the configuration.
• Kudos! The process has completed and Policy is been created.
Managing IAM Roles
We will create a Roles using IAM service in AWS Management Console following the below steps:
• Click on Service >> IAM
• Onto dashboard Click on Roles.
• Click on Create Roles >> Choose Use Case >> Define Permissions/Policies.
• Add Tags if required.
• Review the configuration.
• Kudos! The process has completed and Role is been created.
Conclusion
• We came to understand more about the concept of Identity and Access Management.
• We learnt how it is defined in AWS.
• We saw how we will create User, Group, Policy and Roles.
• Using the features of IAM we will have better security and may analyze/monitor the access.
• From the above mentioned points we can conclude IAM can help us redefine and enhance infrastructure’s security and control status.
