This guide is a map for managing access in an AWS account. It contains everything you need to know to configure IAM identities and policies to safeguard the account.

IAM is a notoriously complicated service. I remember when I started out with AWS I felt it was an obstacle, making everything a lot harder than necessary. Everything was hidden behind some technical jargon and it wasn't intuitive at all where to configure things. Then its JSON policy structure required a lot of searching for solutions. IAM was in my way whatever I wanted to do.

It was much later when I become interested in security and that was when I realized how essential IAM is to secure an AWS account. There are a lot of other services for security, such as Config, Security Hub, CloudTrail, and GuardDuty, but they all play a secondary role. The security of an account lies in the configuration of IAM.

After a bit of learning, I started to see the underlying logic behind all those obscure terminology that felt so distant at first. The identities, the types and structure of the policies all fit into a bigger picture that defines the security posture of an account.

This book is a comprehensive and easy-to-follow guide for everything you'll need to configure who can access an account and what they can do. It provides a ton of examples and practical tips with a lot of illustrations. It was written to give a complete overview of the different things you'll encounter in configuring access.

You'll learn:

• How IAM helps with account security
• What are the different IAM identities
• How to write policies
• How the policy evaluation logic works