
Hands-On Lab Activity: IAM in AWS

Step 1
In this Hands-On Lab Activity, you will do more with IAM than you did previously.
You will also learn about some other key services related to identity.

Log in to the AWS console using your myaccount AWS admin account.

Step 2
Click the Services menu in the top left and search for IAM.
In the previous lab on IAM, you created a group, assigned permissions to the
group, and then created a new user identity in the group. In this step, you
examine role creation and a common use case.

Click Roles in the left pane. Click the Create Role button from the top right.

Notice the possible use cases for roles. These include AWS services, another
AWS account, a web identity, or a SAML 2.0 federation.

Choose AWS service and then select EC2 from the common use case area.
Click Next: Permissions.

Step 3
In the Attach Permissions Policies window, type S3 in the Filter Policies field.
Select the policy named AmazonS3ReadOnlyAccess. Choose the Next: Tags
button. Create a key of ccsk and a value of iam lab 2. Click Next: Review.

Provide a role name of role_ec2reads3. Click the Create Role button.
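The role created in Steps 2 and 3 has two parts: the permissions policy (AmazonS3ReadOnlyAccess) and a trust policy that says who may assume the role. The Python sketch below is an added example, not part of the original lab: it maps a trust policy to the use cases listed on the Create Role page and flags anything other than the EC2 service. The two policy documents are constructed samples, and the function names are hypothetical.

```python
import json

# Constructed sample: trust policy of the kind the console writes for an EC2 service role.
EC2_TRUST = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"},
   "Action": "sts:AssumeRole"}]}""")

# Constructed sample: a trust policy that lets any AWS principal assume the role.
OPEN_TRUST = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]}

def as_list(value):
    """IAM accepts a single value or a list in most fields; normalize to a list."""
    return value if isinstance(value, list) else [value]

def trust_kinds(stmt):
    """Map a statement's principals to the Create Role use cases (Condition is not evaluated)."""
    principal = stmt.get("Principal", {})
    if principal == "*":
        return {"anyone"}
    actions = {a.lower() for a in as_list(stmt.get("Action", []))}
    kinds = set()
    if "Service" in principal:
        kinds.add("aws-service")
    if "AWS" in principal:
        kinds.add("anyone" if "*" in as_list(principal["AWS"]) else "another-account")
    if "Federated" in principal:
        # SAML if the SAML action is granted; any other federated trust is treated as web identity.
        kinds.add("saml-federation" if "sts:assumerolewithsaml" in actions else "web-identity")
    return kinds or {"unknown"}

def audit_trust(policy, expected_service="ec2.amazonaws.com"):
    """Return findings; an empty list means only the expected service can assume the role."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for kind in sorted(trust_kinds(stmt) - {"aws-service"}):
            findings.append(f"unexpected trust type: {kind}")
        principal = stmt.get("Principal", {})
        services = principal.get("Service", []) if isinstance(principal, dict) else []
        for svc in as_list(services):
            if svc != expected_service:
                findings.append(f"unexpected service principal: {svc}")
    return findings

if __name__ == "__main__":
    for name, doc in (("role_ec2reads3", EC2_TRUST), ("open role", OPEN_TRUST)):
        print(name, audit_trust(doc) or "OK")
```

To check the real role, open role_ec2reads3 in the IAM console, copy the JSON from its Trust relationships tab, and pass it to `audit_trust`.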

Step 4
Suppose you have decided to create a new AWS account for your enterprise
environment. This account is to be run by the Research and Development team,
which has several dedicated IT staff members who will handle the cloud
activities. You would like to consolidate the billing for your account and the R&D
account. You would also like to be able to control their AWS usage limits.

The relatively new service that provides these functions is called AWS
Organizations. Use the Search area at the top of the page you are on and
search for AWS Organizations. Click this service from the list of services that
appears. Read more about AWS Organizations from this intro page.

Step 5
From the search bar at the top of the screen, search for Cognito and select it
from the services that appear.

Cognito is a service that helps you run sign-ups and sign-ins for
your mobile and/or your web-based applications.

This service provides you with plenty of options for these user accounts. It can even
simplify the process of federation from other common identity sources like
Google and Facebook.
