Amazon Web Services

Deep Dive with Security: AWS Identity and Access Management (IAM)

Amazon Web Services and Amazon via AWS Skill Builder

Overview

As you build and deploy on AWS, granting developers and applications the right access to the right resources is critical to security. This self-paced course provides a deep dive into AWS Identity and Access Management (IAM) and best practices for using IAM policies. This course also covers advanced concepts, such as identity federation, temporary credentials, AWS Single Sign-On, and ways to troubleshoot access issues.

  • Course level: Advanced
  • Duration: 8 hours


Activities

This course includes demonstrations and assessments.


Course objectives

In this course, you will learn to:

  • Use and differentiate between role-based and attribute-based access controls
  • Leverage global and IAM condition keys according to best practices
  • Interact with AWS Security Token Service (AWS STS) for temporary credentials
  • Manage IAM session policies and duration to scope down permissions
  • Create an IAM identity provider
  • Demonstrate how you can use AWS Single Sign-On in identity federation
  • Troubleshoot IAM access issues


Intended audience

This course is intended for:

  • Security professionals with working knowledge of AWS
  • Users with an AWS account looking to build their knowledge on how best to use IAM


Prerequisites

We recommend that attendees of this course:

  • Have 1-2 years of experience using IAM to manage access via policies and roles
  • Have taken the AWS Security Fundamentals (2nd Edition) digital training or attended the AWS Security Essentials classroom training


Course outline

Module 1: AWS Identity and Access Management Review

  • IAM Fundamentals
  • IAM Policy Basics
  • Policy Evaluation Overview

Module 2: Access Control Deep Dive

  • The Matching Game
  • Attributes and Tagging
  • IAM Condition Keys
  • Global Condition Keys
  • Advanced Policy Elements

Module 3: Access Delegation Deep Dive

  • Interacting with AWS STS
  • Managing Role Sessions
  • Session Tagging

Module 4: Identity Federation Deep Dive

  • Federating Users in AWS
  • SAML-Based Federation
  • Web-Based Federation
  • AWS SSO for User Federation

Module 5: Access Analysis and Troubleshooting

  • IAM Policy Simulator
  • IAM Access Analyzer
  • Viewing Access History
  • Troubleshooting with AWS CloudTrail
