Hii folk
🚀 Excited to share day 2 of comprehensive 30 days of AWSlearning path 🎮🎉👇
Welcome to Day 2 of our comprehensive 30-day aws learning path! In today’s session, we’ll be delving into the fascinating world of cloud AWS IAM . By the end of this lesson, we’ll have a solid understanding of cloud how it’s functions
Today, we'll take a look at a brief AWS IAM. Our goal is to focus on fundamentals then identify and learn the most commonly used services first and learn specialized services on a need to know basis.

What is IAM
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

• AWS IAM is a service provided by Amazon Web Services (AWS) that helps you manage access to your AWS resources. It’s like a security system for your AWS account.

• IAM allows you to create and manage users, groups, and roles. Users represent individual people or entities who need access to your AWS resources. Groups are collections of users with similar access requirements, making it easier to manage permissions. Roles are used to grant temporary access to external entities or services.
  With IAM, you can control and define permissions through policies. Policies are written in JSON format and specify what actions are allowed or denied on specific AWS resources. These policies can be attached to IAM entities (users, groups, or roles) to grant or restrict access to AWS services and resources.
• IAM follows the principle of least privilege, meaning users and entities are given only the necessary permissions required for their tasks, minimizing potential security risks.

• IAM also provides features like multi-factor authentication (MFA) for added security and an audit trail to track user activity and changes to permissions.
By using AWS IAM, you can effectively manage and secure access to your AWS resources, ensuring that only authorized individuals have appropriate permissions and actions are logged for accountability and compliance purposes.
Overall, IAM is an essential component of AWS security, providing granular control over access to your AWS account and resources, reducing the risk of unauthorized access and helping maintain a secure environment.

Components of IAM

1. Users: IAM users represent individual people or entities (such as applications or services) that interact with your AWS resources. Each user has a unique name and security credentials (password or access keys) used for authentication and access control.
2. Groups: IAM groups are collections of users with similar access requirements. Instead of managing permissions for each user individually, you can assign permissions to groups, making it easier to manage access control. Users can be added or removed from groups as needed.
3. Roles: IAM roles are used to grant temporary access to AWS resources. Roles are typically used by applications or services that need to access AWS resources on behalf of users or other services. Roles have associated policies that define the permissions and actions allowed for the role.
4. Policies: IAM policies are JSON documents that define permissions. Policies specify the actions that can be performed on AWS resources and the resources to which the actions apply. Policies can be attached to users, groups, or roles to control access. IAM provides both AWS managed policies (predefined policies maintained by AWS) and customer managed policies (policies created and managed by you).

What Tools Do I Need to Implement Identity and Access Management?
The tools needed to implement IAM include password-management tools, provisioning software, security-policy enforcement applications, reporting and monitoring apps and identity repositories. IAM tools can include, but are not limited to:
• MFA
Multi-factor authentication means that your IAM provider requires more than one type of proof that you are who you say you are. A typical example is requiring both a password and a fingerprint. Other MFA choices include facial recognition, iris scans, and physical tokens like a Yubikey.
• SSO
SSO stands for single sign-on. If your IAM solution provides single sign-on, that means your users can sign in only once and then treat the identity and access management tool as a "portal" to the other software suites they have access to, all without signing in to each one.

Thanks for reading

I hope this is useful for you ✅
✅Reshare this with others so that it helps more people
✅Tag your colleagues and friends who you think will need this