AWS Identity and Access Management (IAM) Foundations

Name: AWS Identity and Access Management (IAM) Foundations
Rating: 4.6 (1144 reviews)

Setup and Configure Multiple Users in an AWS account using IAM. Assign Privileges, Create Access Logs, and Setup MFA.

Created byYouAccel Training, Blue Digital Media

Last updated 10/2021

English

What you'll learn

The Mechanics behind IAM
Managing IAM Users
IAM Administration (Guide) (Listing, Deleting Users & Accounts)
Managing Permissions for IAM Users
Changing IAM User Permissions
Creating and Administering IAM Groups
Creating and Administering IAM Group Policies
Assigning Preset and Custom Group Policies
Creating and Administering IAM Roles
IAM Authentication and Security
Rotating IAM Access Keys
IAM Multi-Factor Authentication (MFA)
IAM Credentials Report (Guide)

Course content

2 sections • 36 lectures • 2h 52m total length

Introduction1:29
Navigate the AWS console, understand on-demand pay-per-use services, and manage regional vs global offerings while building foundational billing controls and security practices to prevent unauthorized use.
AWS Pricing Foundations5:59
Explore AWS pricing foundations, including pay-per-use billing, resource types, and volume-based, tiered discounts; compare reserved pricing options—all upfront, partial upfront, and no upfront—with clear savings examples.
AWS Free Tier Overview5:20
Explore AWS free tier to learn with no upfront cost, including 750 hours of EC2 t2/micro or t3 micro usage, billing alerts, and storage options like S3, EFS, and EBS.
AWS Acceptable Use Policy2:46
Explore the AWS acceptable use policy, including prohibited uses and enforcement, and review legal agreements and the privacy policy to keep your cloud account compliant.
AWS Account Registration7:03
Register an AWS account on the free tier and verify identity. Sign in to the AWS management console and explore services, regions, and root user versus IAM user.
AWS Cloud Practitioner Exam - Key Topics8:01
Navigate the aws cloud practitioner exam’s key topics, focusing on IAM foundations and core services like EC2, S3, VPC, RDS, Route 53, CloudWatch, and Snowball.
AWS Global vs. Regional Services7:06
Global vs. Regional Services Example5:53
Learn how global IAM differs from regional EC2 and S3 storage, and how Route 53 and CloudFront enable global web traffic with low latency in a Los Angeles case.
Creating Billing Alerts8:45
Learn to set up AWS billing alerts by configuring CloudWatch to monitor estimated charges and sending email notifications via SNS when a predefined threshold, such as $10, is exceeded.
AWS Multi-Factor Authentication (MFA)4:34
Enable multi-factor authentication on your AWS root account to add possession-based security on top of knowledge-based sign-in. Install Google Authenticator on your smartphone and enter the code during sign-in.
Activate MFA for the Root User Account4:01
Learn to enable MFA for the AWS root account using a virtual MFA device with Google Authenticator, including scanning a QR code and validating codes for secure sign-in.
Creating IAM Users and Groups11:57
Create an IAM user named John, grant console and programmatic access, add him to an admin group with Administrator Access, tag title administrator, and securely store the credentials.
IAM User Custom Sign-In Link4:00
Configure a custom sign-in link for IAM users by creating an organization-branded alias, sign in with a new administrative IAM account instead of the root account, and enable factor authentication.
Configure a Custom Password Policy2:04
Learn to configure a password policy in the aws iam console, enforcing a minimum of eight characters with uppercase, lowercase, numbers, and non-alphanumeric characters to secure iam users.

Introduction to IAM6:08
Explore the role of AWS identity and access management, including user accounts, granular permissions, MFA, logging with CloudTrail, and access via the management console, CLI, SDKs, and APIs.
IAM Mechanics (Theory)6:52
Explore how IAM works through six elements: principles, authentication, request, action, resources, and authorization, driven by policies and permissions for principals such as users and roles.
IAM Users3:30
Discover the IAM user concept, including name and credentials, how root differs from IAM users, with policies and authentication methods like console passwords and SSH keys.
Introduction to Managing IAM Users0:50
Explore IAM user management by viewing IAM user access, deleting, renaming, and changing permissions for IAM users, including John in the Admin Group.
IAM Administration (Guide) (Listing, Deleting Users & Accounts)8:33
Learn to view user access history with the IAM access advisor, inspect services and policies for users, groups, and roles, and safely list or delete accounts.
Managing Permissions for IAM Users2:00
Learn to manage IAM user permissions by adding to groups, copying permissions, attaching policies directly, or setting permission boundaries, with hands-on guidance.
Changing IAM User Permissions (Method 1)3:25
Changing IAM User Permissions (Method 2)3:04
Create a new IAM user, enable programmatic and console access, and copy permissions from an existing user to the new one, so Bob inherits John’s admin group and admin rights.
Changing IAM User Permissions (Method 3)6:44
Attach a custom S3 policy to an IAM user using the visual editor or Json, review the policy, and attach it to Bob for full S3 access.
IAM Groups4:21
Learn how IAM groups bundle users to manage permissions, how groups inherit policies, and how an example organization structures administrators, developers, and test groups with tailored access.
IAM Group Administration2:57
Perform a hands-on demonstration of IAM group administration, including listing groups, renaming, deleting groups, adding and removing users, and attaching policies to groups.
IAM Groups (LAB Exercise)6:54
Create groups developers and test, attach EC2 full access, CodeBuild developer access, and ECS full access, then create users Kelly, Kim, and Bill and assign them to their groups.
IAM Policies3:15
Explore how AWS policies grant access by attaching identity-based or resource-based policies to IAM users, groups, or resources. Learn about JSON documents, the six types, and inline policies.
IAM Inline Policies (Guide)3:22
Create and apply inline policies to IAM users in the AWS management console, granting S3 list and read access for all resources.
IAM Custom Policies2:36
Create a custom inline JSON policy for Sam, granting get and put access to all S3 buckets during the April 13, 2021 to June 6, 2021 window.
IAM Custom Policies (Guide)4:47
Create an iam user named Sam with programmatic and console access, then attach a custom Json inline policy for s3 full access, review the policy, and save the access keys.
IAM Roles3:20
explains what iam roles are and how they function as identities tied to policies, granting temporary credentials for applications or users to access resources, including cross-account access and ec2 actions.
IAM Roles (Practical Guide)5:48
Learn to create and attach an iam role that lets an ec2 instance access s3 with amazon s3 full access, demonstrating trusted entities and practical usage.
IAM Authentication and Security5:30
Explore IAM authentication across console and programmatic access, implement MFA, manage keys securely, and apply least privilege with roles, groups, policies, and temporary credentials via STS.
Rotating Access Keys2:39
Learn how to rotate IAM access keys for any IAM user, checking key age and activity, deleting or deactivating old keys, and creating new keys to keep accounts secure.
IAM Multi-Factor Authentication (MFA)4:09
Explore how AWS uses multi-factor authentication (MFA) with knowledge, possession, and inheritance categories, including virtual MFA apps like Google Authenticator and hardware keys such as Yubikey, detailing the login flow.
IAM Credentials Report (Guide)3:08
Create and download an AWS IAM credentials report, then review user names, ARNs, creation dates, password and access key rotation, and MFA status to ensure compliance.

Requirements

Basic Computer Skills

Description

Welcome to the AWS Identity and Access Management (IAM) Foundations Certification Course.

In this course we will explore AWS Identity and Access Management (IAM).

IAM is a very important part of understanding how to securely and efficiently manage the services and users within an AWS account.

As defined by AWS, “AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.”

When creating an AWS account, the default account is the Root account. This root account has complete access to all AWS services and resources on the account. The root account should only be used to perform a few account and service management tasks.

Each service deployed in an AWS account should only be accessible to users permitted to use the service.

This course will explore the following components of IAM with hands-on exercises:

Allowing multiple users to administer the resources in an AWS account without having to share passwords.
Creating granular permissions for AWS users. This means each IAM user can be granted a different level of privileges for different resources in the AWS account.
Applying IAM credentials to applications, thus providing the application with access to specified AWS services.
Enabling Multi-Factor Authentication (MFA) for individual IAM Users.
Enabling access records and logging for IAM Users using AWS CloutTrail.

If you are interested in learning how to securely manage an AWS account using IAM, hit the enroll button and let's get started.

Who this course is for:

Students interested in Cloud Computing with AWS
Students interested in learning the foundations of Amazon Web Services
Students interested in administering AWS accounts using Identity and Access Management (IAM)
Students interested in securing AWS accounts by assigning Access Privileges to IAM Users

AWS Identity and Access Management (IAM) Foundations

What you'll learn

Explore related topics

Course content

Getting Started with AWS14 lectures • 1hr 19min

IAM: Identity and Access Management22 lectures • 1hr 34min

Requirements

Description

Who this course is for: