We probably should have started our AWS tour with the Identity and Access Management service (IAM). This stop on our tour is one of the most pervasive of the AWS services. It is also one of the most important.
Once you have spent any time in the AWS environment, the focus on security becomes apparent. Likewise, you have run into IAM at some point if you have used any of the services we have covered in the past. Amazon has made sure that security is a consideration with all of their services. However, they also make administration of it fairly easy. This ease of management is where IAM comes in.
Groups and Users Across Your Cloud
The IAM approach to security should be familiar. It allows you to create groups and assign users to those groups so permissions can be easily managed. There are also features like password strength rules and the ability to grant limited admin access to the dashboard.
The biggest advantage of this service is that it applies to all of your AWS services. Thus, your groups and users need only be set up once. As new services are added, more permissions become available. Those can simply be added to existing profiles, which allows your Amazon infrastructure to grow securely.
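To check that an account actually follows the group model and password rules described above, the following added example (not code from the original post or from AWS) audits a constructed snapshot. The field names follow the output of `aws iam get-account-authorization-details` and `aws iam get-account-password-policy`; merging both into one document and the 14-character minimum are assumptions made for the example.

```python
import json

# Constructed sample: user records shaped like get-account-authorization-details,
# plus the PasswordPolicy object from get-account-password-policy.
SNAPSHOT = json.loads("""
{
  "UserDetailList": [
    {"UserName": "alice", "GroupList": ["developers"],
     "AttachedManagedPolicies": [], "UserPolicyList": []},
    {"UserName": "bob", "GroupList": [], "UserPolicyList": [],
     "AttachedManagedPolicies": [{"PolicyName": "AdministratorAccess",
       "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}]},
    {"UserName": "carol", "GroupList": ["developers"],
     "AttachedManagedPolicies": [], "UserPolicyList": [{"PolicyName": "adhoc-s3"}]}
  ],
  "PasswordPolicy": {"MinimumPasswordLength": 8, "RequireSymbols": false,
                     "RequireNumbers": true}
}
""")

MIN_LENGTH = 14  # assumed baseline for this example, not an AWS default
REQUIRED_FLAGS = ("RequireSymbols", "RequireNumbers",
                  "RequireUppercaseCharacters", "RequireLowercaseCharacters")

def users_outside_group_model(snapshot):
    """Map user name -> reasons the user bypasses group-based permissions."""
    findings = {}
    for user in snapshot.get("UserDetailList", []):
        reasons = []
        if not user.get("GroupList"):
            reasons.append("no group membership")
        # Managed and inline policies attached to the user, not to a group.
        direct = [p["PolicyName"] for p in user.get("AttachedManagedPolicies", [])]
        direct += [p["PolicyName"] for p in user.get("UserPolicyList", [])]
        if direct:
            reasons.append("direct policies: " + ", ".join(direct))
        if reasons:
            findings[user["UserName"]] = reasons
    return findings

def weak_password_settings(snapshot):
    """List password-policy settings that fall below the assumed baseline."""
    policy = snapshot.get("PasswordPolicy") or {}
    issues = []
    if policy.get("MinimumPasswordLength", 0) < MIN_LENGTH:
        issues.append("MinimumPasswordLength")
    issues += [flag for flag in REQUIRED_FLAGS if not policy.get(flag, False)]
    return issues

if __name__ == "__main__":
    print(users_outside_group_model(SNAPSHOT), weak_password_settings(SNAPSHOT))
```

An account with no password policy at all yields every setting as a finding, since a missing `PasswordPolicy` is treated as an empty one.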
A Standard Approach
Amazon has built a best practice approach for the IAM service. Thus, the documentation and guides can help a novice navigate the complexities of securing a cloud service. There are a lot of moving parts, but the IAM documentation helps you get to a secure foundation quickly. It even provides some explanation along the way to educate admins on the “why” of the security measures.
If you are using any AWS service and have not spent some time using IAM to create your security infrastructure, then you are missing out. The time invested in learning and utilizing this service pays for itself in both time and safety.