1. IAM Roles for Services
- To do so, we will assign permissions to AWS services with IAM Roles
- Roles are not for users (people)
- Combined with a service/instance, a role enables, for example, an EC2 instance (virtual server) to access AWS
- Common roles: EC2 Instance Roles, Lambda Function Roles, Roles for CloudFormation
⭐ The purpose of a Role is to grant an AWS entity permission to perform actions in AWS
⭐ It is not something granted to Users (people)
2. How to Create Roles IA..
My Tech Blog (IAM)
1. How can users access AWS?
- To access AWS, you have three options:
• AWS Management Console (protected by password + MFA)
• AWS Command Line Interface (CLI): protected by access keys
• AWS Software Developer Kit (SDK) - for code: protected by access keys
- Access Keys are generated through the AWS Console
- Users manage their own access keys
- Access Keys are secret, just lik..
IAM Policies Structure
An IAM JSON file is the file format used to define IAM (Identity and Access Management) policies in AWS. The file is written in JSON and is used to set permissions for users, groups, roles, and so on.
IAM JSON Structure
An IAM JSON file defines a policy that specifies which actions to allow (Allow) or deny (Deny) on AWS resources. This controls which users can perform which actions in which AWS services.
JSON file example
JSON file fields
Consists of
• Version: policy language version, always incl..
IAM Identity and Access Management
- A Global Service, because users are created and placed into groups
- Root account created by default, shouldn't be used or shared
- Users are people within your organization, and can be grouped
- Groups only contain users, not other groups
- Users don't have to belong to a group, and a user can belong to multiple groups
IAM: Permissions
- Users or Groups can be assigned JSON documents called po..