Learning Log Detail

CompletedBeginnerCloud Security

IAM Basics

IAM controls who can access AWS resources, what actions they can take, and under which conditions.

3Lessons
5Topics
3Tested

Key Topics

UsersGroupsRolesPoliciesLeast privilege

Tools Used

AWS ConsoleIAM

What I Learned

  • - Users, groups, roles, and policies are the core IAM building blocks.
  • - Roles are better than long-term access keys when AWS services need to talk to each other.
  • - Least privilege means giving only the permissions needed for a task.

Why It Matters

IAM is one of the most important cloud security controls because permission mistakes can expose an entire AWS account.

Mistakes and Challenges

  • - Separating trust policies from permission policies took repetition.
  • - Policy examples were easy to copy but harder to explain line by line.

What I Built/Tested

  • - Created an IAM policy for limited S3 access.
  • - Reviewed how an IAM role can be attached to an AWS service.
  • - Tested what happens when a permission is missing.

Next Steps

  • - Practice writing smaller custom policies instead of using broad managed policies.

Related Projects

aws-s3-static-websitebeauno-resort-s3-cloudfront