This lab takes you through the process of updating AWS Identity and Access Management (IAM) trust policies and assuming roles. You will practice building policies and attaching them to roles that users can assume to obtain elevated permissions on an as-needed basis. You will also learn how to revoke sessions using conditional statements. Completing this lab will allow you to see how role assumption helps lock down access to your AWS accounts. This lab will also challenge you to programmatically assume a role for an Amazon Elastic Compute Cloud (Amazon EC2) instance.
Level
Advanced
Duration
2 Hours 0 Minutes
Course Objectives
In this course, you will learn how to:
- Create IAM policies
- Attach the policies to existing roles
- Assume roles
- Revoke a session
Intended Audience
This course is intended for:
- Architects
- Developers
- Security Engineers
Prerequisites
We recommend that attendees of this course have the following prerequisites:
- None
Course Outline
- Task 1: Understanding the architecture you are working with
- Task 2: Creating different access policies and attaching them to roles
- Task 3: Assuming roles
- Task 4: Revoking sessions