image
hands-on labAdvanced Roles and Groups Management Using IAM
Intermediate
1h 15m
22,588
4.6/5
You can pause this lab for up to 60m
Start lab
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.
Lab steps
Logging In to the Amazon Web Services Console
Creating an IAM User Group
Creating an IAM User
Create Access key for IAM user
Creating a Customer Managed Policy with Policy Generator
Attaching a Policy to Users
Creating an IAM Role
Launching EC2 Instances with IAM Profile
Connecting to the Amazon Virtual Machine Using EC2 Instance Connect
Testing IAM from an EC2 Linux Instance
Lab description

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources for your users. You can specify permissions to a single user or you can use groups to specify permissions for a collection of users, which can make those permissions easier to manage for those users. Furthermore, you can use a Role to grant authorization to AWS resources without any credentials (password or access keys) directly associated with it. In this lab, you will learn the recommended AWS security best practices.

Learning Objectives

Upon completion of this lab you will be able to:

  • Create IAM groups
  • Create IAM users
  • Work with IAM policies
  • Work with IAM roles and instance profiles

Intended Audience

This lab is meant for:

  • Those preparing to work with AWS
  • Those preparing for certification in AWS
  • Those looking to use IAM according to secure best practice

Prerequisites

You should be familiar with:

  • AWS Management Console and AWS CLI familiarity are helpful but not required
  • Basic IAM principles are helpful but not required

Updates

February 27th, 2023 - Updated instructions and screenshots to reflect latest UI

June 2nd, 2022 - Updated instructions and screenshots to reflect the new launch instance wizard

April 8th, 2022 - Addressed an issue with launching EC2 instances

March 7th, 2022 - Updated the instructions and screenshots to reflect the latest UI

January 25th, 2022 - Updated the instructions and screenshots to reflect the latest UI

December 21, 2021 - Updated step for additional clarity and explanation.

October 28, 2021 - Updated final lab step for clarity.

September 22nd, 2021 - Updated some screenshots and converted lab to utilize EC2 Instance Connect

February 12th. 2021 - Updated the lab to resolve a permission issue when creating the role and updated screenshots to the latest console experience

July 17th, 2019- Refactored the Lab to improve the user experience

February 12th, 2019 - Insert a warning for avoiding the user checking the wrong checkbox

December 5th, 2018 - Added a validation Lab Step to check the work you perform in the Lab

Environment before
environment before preview
Environment after
environment after preview
About the author
Avatar
Matt Martinez
Cloud Content & Labs QA
Students
100,135
Labs
41
Learning Paths
9

Matt has worked for multiple Fortune 500 companies as a DevOps Engineer and Solutions Architect. He is an AWS Certified DevOps Engineer - Professional, and an AWS Certified Solution Architect - Associate. He enjoys reading and learning new technologies.

Covered topics
Identity and Access Management
Management
Security
Amazon Web Services
Security for AWS
Management for AWS
AWS Identity and Access Management (IAM)