What is Identity and Access Management?

Intermediate
2m 29s
195
5/5

This lesson provides detail on the AWS Security, Identity, and compliance services relevant to the AWS Certified DevOps Engineer - Professional exam. These services are used to help secure and protect your resources and environment through access control mechanisms and encryption.

Want more? Try a lab playground or do a Lab Challenge!

Learning Objectives

  • Learn what Identity Federation is
  • Learn about the AWS services that can be used with it
  • Understand how it's implemented
  • Understand the benefits of AWS IAM Identity Center and how it can be used to simplify user access at scale
  • Create your own authentication mechanisms using Amazon Cognito
  • Create your own customized UI for user sign in
  • Create a secure user directory for all your applications and users
  • Understand what is meant by identity and access management and the difference between authentication, authorization, and access control
  • Learn the components of IAM as well as its reporting features
  • Understand the core principles of cross-account access using IAM
  • How to implement and configure cross-account access
  • Define how the Key encryption process works
  • Explain the differences between the different key types 
  • Create and modify Key policies
  • Understand how to rotate, delete and reinstate keys
  • Define how to import your own Key material
  • Learn how AWS Security Hub provides a comprehensive view of your security posture across AWS services
  • Understand the use of AWS Resource Access Manager (RAM) to securely share resources across multiple AWS accounts
  • Learn about AWS Certificate Manager (ACM) and ACM Private Certificate Authority to secure applications and devices using public and private certificates
  • Learn how the AWS Security Token Service (STS) enables you to request temporary, limited-privilege credentials for IAM or federated users
  • Understand how the AWS Web Application Firewall (WAF) is used to protect applications and APIs against common web exploits
About the Author
Students
233,398
Labs
1
Courses
237
Learning paths
207

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data center and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 250+ courses relating to cloud computing reaching over 1 million+ students.

Stuart is a member of the AWS Community Builders Program for his contributions towards AWS.

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.

Covered Topics