We have three new hires for our latest project, and we need to make sure they have permission to access specific services. We also want to ensure that any future hires can easily be given the same permissions. To do this, we will use the AWS Identity and Access Management (IAM) service. We will create a custom policy, several users, and a group to put them in, with the policy attached to the group.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create a Custom Policy
  - Navigate to the IAM service in the AWS console.
  - Select Policies and click Create Policy.
  - Click on Choose a service and type in API to select API Gateway.
  - Select all permissions for the API Gateway and select all resources.
  - Click on Add another service and choose a service. Type in EC2 and select EC2 from the list.
  - Select List permissions for EC2 and select all resources.
  - Click on Add another service and choose a service. Type in S3 and select S3 from the list.
  - Select List permissions for S3 and select all resources.
  - Complete the creation of the policy by naming it CustomPolicy.
- Create Users and Group
  - Click on Users.
  - Create three users: Lisa, Xavier, and Edmond.
  - Specify a password for the users.
  - Create a group named Project1 and specify the CustomPolicy that was created in the last step to be used.
  - Complete creating the users.
- Test Permissions of the Users
  - Sign out of the AWS console.
  - Copy and paste the link for the AWS environment provided to you in this lab.
  - Use the Lisa user and the password you specified for that user.
  - Once signed in, navigate to the API Gateway to view permissions.
  - Navigate to the EC2 service and click on the running instance.
  - View actions available for that instance.
  - Navigate to the S3 service and test out various options to test permissions.
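
The policy built in the first objective can be modelled offline to predict what Lisa will be allowed to do in the test steps. This is an added example, not part of the lab: the wildcards `ec2:Describe*` and `s3:List*` are an assumed shorthand for the List-level actions the visual editor enumerates, the request list is constructed, and the evaluator is a simplified model of identity-policy evaluation.

```python
import fnmatch
import json

# Assumed shape of CustomPolicy. The console's visual editor enumerates each
# List-level action; ec2:Describe* and s3:List* are shorthand for that set.
CUSTOM_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ApiGatewayAll", "Effect": "Allow",
         "Action": "apigateway:*", "Resource": "*"},
        {"Sid": "Ec2List", "Effect": "Allow",
         "Action": "ec2:Describe*", "Resource": "*"},
        {"Sid": "S3List", "Effect": "Allow",
         "Action": "s3:List*", "Resource": "*"},
    ],
}

# Constructed sample of requests Lisa's console session would make.
REQUESTS = ["apigateway:POST", "ec2:DescribeInstances", "ec2:StopInstances",
            "s3:ListAllMyBuckets", "s3:GetObject"]

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def evaluate(policy, action, resource="*"):
    """Simplified evaluation: explicit Deny wins, then Allow, else implicit
    deny. Conditions, NotAction and permission boundaries are not modelled."""
    decision = "ImplicitDeny"
    for stmt in policy["Statement"]:
        # IAM action names are case-insensitive; resource ARNs are not.
        if not any(fnmatch.fnmatchcase(action.lower(), a.lower())
                   for a in _as_list(stmt["Action"])):
            continue
        if not any(fnmatch.fnmatchcase(resource, r)
                   for r in _as_list(stmt["Resource"])):
            continue
        if stmt["Effect"] == "Deny":
            return "ExplicitDeny"
        decision = "Allow"
    return decision

def predict(policy=CUSTOM_POLICY, requests=REQUESTS):
    return {action: evaluate(policy, action) for action in requests}

if __name__ == "__main__":
    print(json.dumps(CUSTOM_POLICY, indent=2))
    for action, result in predict().items():
        print(f"{action:24} {result}")
```

The requests that come back as `ImplicitDeny` (stopping the instance, reading an S3 object) are the ones expected to be refused when signed in as Lisa, since no statement in the policy allows them.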