AWS Identity and Access Management (IAM) is a powerful mechanism for granting and controlling access when using the public AWS cloud. Policy management can easily become a complex task. AWS provides an IAM Policy Simulator to help you understand and test the effects of a policy without implementing them in a real AWS environment.
Learning how to use the AWS IAM Policy Simulator will help you craft IAM policies that follow best practices, such as the principle of least privilege.
In this hands-on lab, you will use the web-based IAM Policy Simulator to simulate a policy, and you will use the AWS CLI to simulate IAM policies.
Learning objectives
Upon completion of this intermediate-level lab, you will be able to:
- Use the web-based IAM Policy Simulator to test controlling access to an Amazon S3 bucket by AWS region
- Use the AWS CLI to simulate a policy that controls access through an AWS Organization
- Use the AWS CLI to simulate policies that control access using tags
Intended audience
- Candidates for the AWS Certified Security Specialty certification
- Cloud Architects
- Data Engineers
- DevOps Engineers
- Software Engineers
Prerequisites
Familiarity with the following will be beneficial but is not required:
- AWS Identity and Access Management (IAM)
- AWS Organizations
- Tagging in AWS
The following content can be used to fulfill the prerequisites:
Andrew is a Labs Developer with previous experience in the Internet Service Provider, Audio Streaming, and CryptoCurrency industries. He has also been a DevOps Engineer and enjoys working with CI/CD and Kubernetes.
He holds multiple AWS certifications including Solutions Architect Associate and Professional.