Please enable JavaScript.
Coggle requires JavaScript to display documents.
IAM (Principals (Roles / Temporary security tokens (Amazon EC2 roles,…
IAM
-
-
policies
structure
- effect: Allow or Deny
- resource (ARN)
- Action(API Operations)
- condition: ip, time etc
association types
- user policies
- managed policies
NOT
- applications identity store
- operating system identity management
Strengtening security
- rotating users' access keys
- MFA
multi-policy resolution
- find first deny
- find first allow
- default to deny