AWS学习之路(二)

IAM:Users & Groups

IAM = Identity and Access Management, Global service

Root account created by default, shouldn`t` be used or shared

Users are people within your organization, and can be grouped

 

 IAM:Permissions

Users or Groups can be assigned JSON documents called policies

 

These policies define the permissions of the users

In AWS you apply the least privilege principle: don`t give more permissions than a user needs

IAM Policies inheritance

 

IAM Policies Structure

Consists of "Version, Id, Statement"

Statement consists of "Sid, Effect, Principal, Action, Resource, Condition(optional)"

 

posted on 2023-03-04 15:00  Hanson_Wang  阅读(12)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 Hanson_Wang
Powered by .NET 8.0 on Kubernetes