The AWS Identity and Access Management service, commonly known as IAM is one of the first AWS security services that you will come across when working with AWS.  It’s the central service for administering user accounts allowing them to gain access to your AWS resources.  From user creation, password policies, access policies, roles, groups, and more, understanding AWS IAM is essential if you are looking to enforce stringent security controls within your AWS accounts.  

My name is Stuart Scott and I'm the AWS Content Director here at Cloud Academy.  Feel free to connect with me to ask any questions using the details shown on the screen. Alternatively, you can always get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com where one of our cloud experts will reply to your question. 

During this learning path, I will cover the following learning objectives which will be delivered via a series of courses and hands-on labs.

I shall be providing an overview of the AWS IAM service, along with its core features. I will ensure you understand what is meant identity and access management and the difference between authentication, authorization, and access control, and I’ll follow this by explaining the different components of IAM, including its reporting features

Next, I’ll explain how to manage your user identities when using IAM.  We shall take an in-depth look at learning the essentials of user management within IAM in addition to how to create, manage, and configure users using security best practices.

When working with IAM, it's important to understand the security best practices when using user groups and roles and how these can help you secure access to your resources more effectively.  You will learn how to gain a foundational understanding of IAM roles, and how to use  AWS service roles to access AWS resources on your behalf.  I’ll explain how we can leverage roles to grant temporary access for users and how roles are used to help federate access.

As you become more familiar with IAM you will need to be able to create and read IAM policies to implement fine-grained control.  Therefore we will also be looking at how to define and manage permission via these policies where we shall learn about:

• The different types of IAM policies you can expect to see when working within IAM.  
• How to implement these policies effectively to build secure and robust access controls for your users.  
• How to read these IAM policies to understand the permissions they are granting and restricting.
• And how policy evaluation logic operates 

Obviously, when working with AWS, it’s likely you’ll be operating between more than one account. As a result, I shall also be explaining how to implement cross-account access.  I shall explain what cross-account access is and why you would implement it, and I’ll cover the key steps involved in its configuration before demonstrating how to implement it.

This learning path also covers a range of useful hands-on labs that will allow you to put the theory learned from the courses into practice in a safe environment.  

That’s all from me, so let’s get started with learning How to manage and secure your environment using IAM.