3.3 Setting Up IAM

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
3 hours 27 minutes
Difficulty
Beginner
CEU/CPE
4
Video Transcription
00:01
it's video
00:03
we will complete our setup of I am.
00:07
We will create I am user accounts.
00:12
We will create a group to assign permissions.
00:16
We will create and apply
00:18
and I am password policy
00:21
from the AWS console. We will type. I am into the search bar toe Open the identity and Accidents Management dashboard.
00:33
As you can see, we still have three tasks remaining to be completed.
00:38
We will need to create I am users.
00:41
We will need to create a group to assign our users too.
00:46
And then we will need to assign a password policy to our users.
00:50
So let's begin with the task of creating our first user,
00:54
then click at user
00:57
and here I'll put in my user name of Shawn.
01:06
Next, I will give myself a W s management Council access
01:15
for my password. I can either have A W s auto generated password for me or provide my own custom password. I'll provide my own
01:25
by default. A W s will require a new user to reset their pastor when they sign in for the first time. But since this is a demonstration, I will uncheck that box
01:38
on the next screen. were presented with three options on how to assign permissions to our user.
01:44
We can assign the user to a group
01:47
or copy permissions from an existing user.
01:51
We'll attach policies directly.
01:53
Let's create a group first
01:57
on the group create screen.
02:00
We first want to give our group name.
02:02
I will call mine
02:05
the group formerly known his route,
02:15
and I will sign my group administrator Access,
02:17
which will provide my members of the group Full access to AWS service is
02:23
Then we will click Create Group to make it official.
02:28
Now we see that our new group has been created.
02:31
Next, I will review the user that I created
02:35
nothing complicated here. This just confirms that I created a user named Sean.
02:40
Sean has access to the AWS Management Council,
02:44
and Shaw will need to supply the custom password that he created when he logs in
02:49
showings accesses administrator.
02:53
Next we move on to the confirmation.
02:55
Basically, this confirms that the creation of the new user account was successful.
03:01
It also provides us with a sign and link
03:05
that is different than the sign and link that's used for a root account.
03:08
We create a new user this is the link that you would send them by email to sign
03:15
into their AWS user account.
03:16
They can also click the down low C S V button that will contain their user credentials.
03:23
So now let's create a second user
03:29
noticed that A. W S warns me that a user named Sean already exists, So the next username will need to be unique.
03:37
So let's give this user name
03:39
a friend of Sean.
03:42
Since he Shawn's friend, let's give him the same permissions. Permissions is Shawn
03:46
and create a custom password for him.
03:57
So now that the second user account is created,
03:59
we can add it to the administrators group.
04:02
First, we review
04:03
the new user that we created
04:06
that looks good. So then we move on to the confirmation page.
04:13
Then we click the small down arrow to see the policy that has assigned to the user friend of Sean.
04:18
If you notice we made it part of the policy that this user will need to change his credentials upon first log in
04:30
Next we returned to the user screen
04:33
and we could see our two users.
04:35
We still have not added any of the users to the Administrators group yet. So let's do that. Now
04:41
we click on Friend of Sean,
04:47
select the group's tab
04:51
quick at users to the group.
04:56
At this time, we have only created one group, so we click that one,
05:00
and now we have added this user to the administrator account.
05:06
Next we will go to account settings.
05:11
This is where we create our pastoral policy
05:14
for our AWS user accounts.
05:16
We can get as granular is a quiet by our business security policy.
05:21
By default, users are permitted to change their own password.
05:29
We will just create a policy where passers expire after 90 days
05:41
and that it with a password expires.
05:44
Then the user will need to contact the administrator to have it reset.
05:48
Then we just apply the password policy.
05:58
Next, we returned to our user screen because I forgot to add the user showing to the administrators group.
06:04
So, just like before,
06:06
we click on the user name that we want to perform the action upon,
06:12
select the group
06:13
that will be adding the user too,
06:24
and we see that the administrative group now contains two users.
06:29
Finally,
06:30
we clicked back on the I am dashboard
06:32
and you will see that we have created all task to properly set up. I am.
06:44
How do we access I am?
06:47
We can access I am by logging into the AWS console and typing I am to pull up the I Am dashboard.
06:57
Do you have to manage each user one by one, or can I sign users to groups
07:04
from administrative perspective, it's best practice to assign users to groups based on their job requirements.
07:12
Once I create a new user,
07:14
how can I get their user credentials to them?
07:16
So once you create a U user account, you can send the user credentials by email straight from the AWS Consul.
07:29
In this video
07:30
we completed setup of I Am
07:34
We created I am user accounts.
07:40
We created a group and assigned permissions
07:44
and we created and apply and I am password policy.
Up Next
Intro to AWS

This Introduction to Amazon Web Services (AWS) course will teach you about Amazon's secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.

Instructed By