Identity and Access Management, also known as IAM, can be an intimidating service when getting started with AWS. But IAM is also one of those core services that you can’t really avoid. In this episode we try to distill everything you need to know to understand IAM and start using it proficiently. We cover what IAM is, why it is so important, how authentication and authorization work, what policy documents are and how to write them, how a user or an application gets credentials to interact with AWS and, finally, many examples, tips and tricks.
In this episode we mentioned the following resources:
- IAM Access Analyzer
- Our previous episode on how to manage AWS credentials
- Understanding how IAM Policies work (AWS Docs)
- Policy simulator
- Policy evaluation logic (AWS Docs)
- How the Signature v4 (sigv4) algorithm works (AWS Docs)
- Actions, resources, and condition keys for AWS services
- Video IAM Concepts by beabetterdev
- Re:Invent session “Getting started with AWS identity” by Becky Weiss
- Re:Invent session “Become an IAM Policy Master in 60 Minutes or Less” by Brigid Johnson