Create and Manage Users with AWS IAM
In this lab, you’ll practice creating and managing users with AWS IAM. When you’re finished with this lab, you’ll have the skills to create and apply best practices for access management to an organization's AWS operations and resources.
Terms and conditions apply.
Challenge
Create Groups Based on Required Access
Group membership allows you to apply permissions to more than one user at a time. You will create groups for AWS administration, dev ops, dev, security, and management (finance), and select appropriate default policies for each.
Challenge
Create Users and Apply Groups
You will now create five users with the user creation wizard, and select the appropriate group for each. You will choose programmatic vs api access for the appropriate team members, and will enter the email and organizational tag information.
Challenge
Create A Custom Policy Access To S3 Bucket Functionality
Create a policy to granularly restrict access to the creation of S3 buckets. This policy is meant for use with internal resources only, and will restrict the allowed access to read-only as well as to your AWS internal IP space.
Challenge
Create a Custom Role for EC2 Instance Access to S3 Bucket
Create a new role with the previously created policy that temporarily grants access to dynamically and programmatically create S3 buckets. Then you will attach this role to a specific EC2 instance in the environment.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
Recommended prerequisites
- AWS Console Administratioin
- AWS EC2 Instances
- AWS S3 Buckets