In this lab scenario, Alfredo of Alfredo’s Pizza has hired you as a security engineer for his web app that allows customers to order pizzas online. He’s ramped up his development team by hiring four new people. He needs our help with giving this team the proper access permissions. In order to provide access and ensure the proper security measures are in place, you will use AWS Identity & Access Management (IAM). You will group users and assign permissions for the developer group using policies.
Successfully complete this lab by achieving the following learning objectives:
- Create a Customer-Managed Policy
- Navigate to IAM.
- In IAM Resources, click Users to view existing users.
- From the left dashboard menu, click Policies to create a new policy with developer access.
- Click Create policy.
- Click the Visual editor tab.
- Click *Import managed policy" and find "AWSLambda_FullAccess".
- Click import.
- Click Review policy.
- Remove EC2.
- Click Next:Tags
- Click Next: Review.
- Give the policy a name.
- Click Create Policy.
- Create a Group Controlled via a Customer-Managed Policy
- From the left dashboard menu, select User Groups.
- Click Create group.
- Enter the group name "Developers" and then click Create Group.
- Attach the policy previously created.
- Assign Users to the Group
- Select user groups.
- Click on group just created.
- Click Add users.
- Select the Users tab and click Add Users to Group.
- Select the four developers we want to add to the group and click Add Users.