You're reading from AWS for System Administrators Build, automate, and manage your infrastructure on the most popular cloud platform – AWS

Product type Paperback

Published in Feb 2021

Publisher Packt

ISBN-13 9781800201538

Length 388 pages

Edition 1st Edition

Tools

AWS

Concepts

System Administration

Author (1):

Prashant Lakhera

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: AWS Services and Tools

2. Chapter 1: Setting Up the AWS Environment FREE CHAPTER

3. Chapter 2: Protecting Your AWS Account Using IAM

4. Section 2: Building the Infrastructure

5. Chapter 3: Creating a Data Center in the Cloud Using VPC

6. Chapter 4: Scalable Compute Capacity in the Cloud via EC2

7. Section 3: Adding Scalability and Elasticity to the Infrastructure

8. Chapter 5: Increasing an Application's Fault Tolerance with Elastic Load Balancing

9. Chapter 6: Increasing Application Performance Using AWS Auto Scaling

10. Chapter 7: Creating a Relational Database in the Cloud using AWS Relational Database Service (RDS)

11. Section 4: The Monitoring, Metrics, and Backup Layers

12. Chapter 8: Monitoring AWS Services Using CloudWatch and SNS

13. Chapter 9: Centralizing Logs for Analysis

14. Chapter 10: Centralizing Cloud Backup Solution

15. Chapter 11: AWS Disaster Recovery Solutions

16. Chapter 12: AWS Tips and Tricks

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

Understanding IAM policies

An IAM policy is a JSON-formatted document that defines which action a user, group, or role can perform on AWS resources. When users or roles make a request, the AWS policy engine evaluates these policies and, depending on the permission defined in the policy request, is either allowed or denied. Once again, I want to re-emphasize the point that IAM policies are used for authorization. For authentication purposes, we are going to use IAM users.

Note

By default, all requests are implicitly denied, and IAM identities (user, group, or role) have no permissions or policies attached by default.

AWS supports four types of policies:

Identity-based policies: To grant permission to any identity, which can be users, groups, or roles, we can use identity-based policies.
Resource-based policies: This policy is mostly used with resources, such as an S3 bucket or KMS keys to grant permissions to a principal.
Permissions boundaries: Permissions...