Advanced roles and groups management using IAM


3518 students completed the lab in ~36m

Total available time: 1h:0m

2279 students rated this lab!

Advanced roles and groups management using IAM

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources for your users. You can specify permissions to a single user or you can use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users. Furthermore, you can use a Role to grant authorization to AWS resources without any credentials (password or access keys) directly associated with it. In this Lab, we allocate time to learn the recommended AWS security best practices.


Do you have questions about this Lab? Contact our cloud experts by sending an email to

Follow these steps to learn by building helpful cloud resources

Logging in to the Amazon Web Services Console

Your first step to start the Lab experience

Create IAM Group

How to create an IAM user group

Create IAM User

How to create an IAM user with a permission policy

Create customer managed policy with policy generator

You can create customer managed policies to define sets of permissions to attach to principal entities (users, groups, and roles) in your AWS account

Attach policy to Users

You can attach a managed policy to a principal entity (a user, group, or role) to apply the permissions in the policy to the principal entity

Create an IAM Role

You can use IAM roles to delegate access to your AWS resources.

Launch EC2 Instances with IAM Profile

Launch an new EC2 instance passing a IAM profile

Connect to a remote shell using an SSH connection

How to use a remote Linux shell from Windows, Linux or Mac

Test IAM Profile from EC2 Linux instance

Test the IAM Profile configuration on EC2 Instance