Managing AWS IAM User Permissions Using Groups and Policies

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this hands-on lab scenario, you are a security engineer working for a new startup that’s launching an online bookstore for rare and antique books. The founder, Kia, needs your help with setting up her development team with the proper access permissions. In order to provide access and ensure the proper security measures are in place, you will use AWS Identity & Access Management (IAM). You will group users and assign permissions for the developer group using policies.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a Customer-Managed Policy
  1. Navigate to IAM.
  2. In IAM Resources, click Users to view existing users.
  3. From the left dashboard menu, click Policies to create a new policy with developer access.
  4. Click Create policy.
  5. Click the Visual editor tab.
  6. Set the following values:
    • Service: "DynamoDB"
    • Actions: All DynamoDB actions
    • Resources: All resources
  7. Click Add additional permissions.
  8. Repeat the steps above to configure new policy permissions for Lambda, S3, and API Gateway services.
  9. Click Review policy.
  10. Enter a standard name for your policy and a brief description.
  11. Click Create policy.
Create a Group Controlled via a Customer-Managed Policy
  1. From the left dashboard menu, select Groups.
  2. Click Create New Group.
  3. Enter the group name "Developers" and click Next Step.
  4. Select the newly created policy and click Next Step.
  5. Review the group information and then click Create Group.
Assign Users to a Group
  1. From the IAM Groups menu, select the Developers group.
  2. Select the Users tab and click Add Users to Group.
  3. Select the three developers we want to add to the group and click Add Users.

Additional Resources

Please log in to the lab environment with the credentials provided. Make sure you are using the us-east-1 region throughout the lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?