This chapter is included in the free preview

Structure of this book

In the Access control basics chapter, we'll start with how AWS APIs work and what happens when a request hits them. We'll look into the different parts of the request, as these are the information IAM has when it determines access.

Then in the IAM Policies chapter, we'll look into how to configure access inside AWS. First, you'll get familiar with the policy structure and its elements. Policies are used throughout AWS. In the Policy types chapter, you'll learn about the 5 policy types AWS supports.

The Evaluation flow chapter is about how the first two pieces — the elements in the request and the policies — fit together and determine whether the operation is allowed or denied. You'll learn how IAM reaches a decision even when multiple policies of different types are present.

Then in the Evaluation examples chapter, we'll bring it all together into several step-by-step realistic examples that show the concepts in action. You'll see exactly how IAM evaluates access, and you'll have templates for how to apply these protections to your AWS environments.

And finally, the How to secure an AWS account chapter offers practical tips to secure an account both as an administrator and a developer. You'll learn about the best practices and the usual pitfalls of AWS security.

Structure of this book