This guide is a map for managing access in an AWS account. It contains everything you need to know to configure IAM identities and policies to safeguard the account.
IAM is a notoriously complicated service. I remember when I started out with AWS I felt it was an obstacle, making everything a lot harder than necessary. Everything was hidden behind some technical jargon and it wasn't intuitive at all where to configure things. Then its JSON policy structure required a lot of searching for solutions. IAM was in my way whatever I wanted to do.
It was much later that I became interested in security, and that was when I realized how essential IAM is to securing an AWS account. There are a lot of other services for security, such as Config, Security Hub, CloudTrail, and GuardDuty, but they all play a secondary role. The security of an account lies in the configuration of IAM.
After a bit of learning, I started to see the underlying logic behind all that obscure terminology that felt so distant at first. The identities, the types and structure of the policies all fit into a bigger picture that defines the security posture of an account.
This book is a comprehensive and easy-to-follow guide for everything you'll need to configure who can access an account and what they can do. It provides a ton of examples and practical tips with a lot of illustrations. It was written to give a complete overview of the different things you'll encounter in configuring access.
* How IAM helps with account security
* What are the different IAM identities
* How to write policies
* How the policy evaluation logic works