Identity and Access Management on AWS: Roles and Groups

This course explains the proper use of roles and groups in AWS and provides best practices for their use. It also covers the tools that can be used to audit the use of IAM.

Using individual users for all access control is fine for small companies, but when you have tens, hundreds, thousands, or more users and interactions with other companies, this doesn’t scale well. Additionally, auditing the use of the various users, groups, and roles is critical to organizations of all sizes. In this course, Identity and Access Management on AWS: Roles and Groups, you will gain the ability to manage organizations of any size and to use roles properly. You'll also learn how to describe the various tools that are available to audit and manage the use of IAM. First, you will examine how groups can be used to simplify the management of collections of users. Next, you will discover the various use cases for roles, including some of the types of roles that help in those use cases. The role of the Security Token Service (STS) in relation to roles will be discussed. Best practices in relation to roles is also an important topic to be considered, as roles are one of the most misunderstood things in all of IAM. Finally, you will discover how to use the various tools that Amazon provides to manage, optimize, and audit IAM and the use of IAM permissions, including Credential Report, Access Advisor, CloudTrail, Trusted Advisor, and AWS Config. When you’re finished with this course, you will have the skills and knowledge to use roles and groups to secure your AWS infrastructure and to audit and optimize usage of IAM in AWS.