You're reading from AWS for System Administrators Build, automate, and manage your infrastructure on the most popular cloud platform – AWS

Product type Paperback

Published in Feb 2021

Publisher Packt

ISBN-13 9781800201538

Length 388 pages

Edition 1st Edition

Tools

AWS

Concepts

System Administration

Author (1):

Prashant Lakhera

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: AWS Services and Tools

2. Chapter 1: Setting Up the AWS Environment FREE CHAPTER

3. Chapter 2: Protecting Your AWS Account Using IAM

4. Section 2: Building the Infrastructure

5. Chapter 3: Creating a Data Center in the Cloud Using VPC

6. Chapter 4: Scalable Compute Capacity in the Cloud via EC2

7. Section 3: Adding Scalability and Elasticity to the Infrastructure

8. Chapter 5: Increasing an Application's Fault Tolerance with Elastic Load Balancing

9. Chapter 6: Increasing Application Performance Using AWS Auto Scaling

10. Chapter 7: Creating a Relational Database in the Cloud using AWS Relational Database Service (RDS)

11. Section 4: The Monitoring, Metrics, and Backup Layers

12. Chapter 8: Monitoring AWS Services Using CloudWatch and SNS

13. Chapter 9: Centralizing Logs for Analysis

14. Chapter 10: Centralizing Cloud Backup Solution

15. Chapter 11: AWS Disaster Recovery Solutions

16. Chapter 12: AWS Tips and Tricks

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

The power of the IAM permission boundary

The main idea behind a permission boundary is to provide a safety net. It's a set of access rights that an entity such as user, group, or organization can never exceed. A permission boundary on its own doesn't grant any permissions. The primary purpose of it is to restrict access. To understand permission boundaries, let's take a simple example, as follows:

Create an IAM user using an aws iam create-user command. We need to pass –-user-name at the end of the command and then give the username—in this case, mypermuser. This will create an IAM user, as follows:
```
$ aws iam create-user --user-name mypermuser
```
In the next step, we will assign full permissions to the user by attaching an AdministratorAccess policy. To attach this policy, we need to use an aws iam attach-user-policy command and then pass the username, mypermuser, which is the same user we created in the previous step. The code for this can be seen...