In this lab, we’ll explore and work with the different types of IAM policies available: AWS managed policies, customer managed policies, and inline policies. An AWS managed policy is a standalone policy that is created and administered by AWS. A customer managed policy is a standalone policy that you administer in your own AWS account. An inline policy is a policy that’s embedded in an IAM identity (a user, group, or role).
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Create a Customer Managed Policy
  Create a new customer managed policy named MyCustomerManagedPolicy with read access to DynamoDB.
- Attach the Correct Policies to the Users
  Add the correct policies to the users:
  - Attach the customer managed policy named MyCustomerManagedPolicy to charlie.
  - Attach the AWS managed policy named AWSLambda_FullAccess to sally.
  - Attach a new inline policy named MyInlinePolicy with read-only permission for S3 to user ian.
- Attach Your Customer Managed Policy to Sally
  - Attach MyCustomerManagedPolicy to sally.
  - See if you can attach MyInlinePolicy to sally.
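The same objectives expressed as IAM API calls, as an added example that is not part of the lab itself. It is written against the boto3 IAM client's method names; the action lists and the `"*"` resource are assumptions, since the lab only says "read access", and `apply_lab_policies` and `policies_for` are hypothetical helper names.

```python
import json

# AWS managed policies use the reserved "aws" account in their ARN.
LAMBDA_FULL_ACCESS_ARN = "arn:aws:iam::aws:policy/AWSLambda_FullAccess"

# Assumed action sets (the lab does not list them); all are read-level actions.
DYNAMODB_READ = ["dynamodb:GetItem", "dynamodb:BatchGetItem", "dynamodb:Query",
                 "dynamodb:Scan", "dynamodb:DescribeTable", "dynamodb:ListTables"]
S3_READ = ["s3:GetObject", "s3:ListBucket", "s3:ListAllMyBuckets"]


def read_only_document(actions):
    """Build an identity-based policy document that allows only `actions`."""
    return json.dumps({
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow", "Action": actions, "Resource": "*"}],
    })


def apply_lab_policies(iam):
    """Carry out the lab objectives with a boto3 IAM client (or a compatible stub)."""
    # Customer managed: a standalone object with its own ARN, so it can be
    # attached to any number of identities.
    created = iam.create_policy(PolicyName="MyCustomerManagedPolicy",
                                PolicyDocument=read_only_document(DYNAMODB_READ))
    customer_arn = created["Policy"]["Arn"]
    iam.attach_user_policy(UserName="charlie", PolicyArn=customer_arn)

    # AWS managed: already exists, referenced by its fixed ARN.
    iam.attach_user_policy(UserName="sally", PolicyArn=LAMBDA_FULL_ACCESS_ARN)

    # Inline: the document is written into user ian; no ARN is created.
    iam.put_user_policy(UserName="ian", PolicyName="MyInlinePolicy",
                        PolicyDocument=read_only_document(S3_READ))

    # Reuse of the customer managed policy on a second user.
    iam.attach_user_policy(UserName="sally", PolicyArn=customer_arn)
    # MyInlinePolicy has no ARN to pass to attach_user_policy for sally;
    # giving her the same access would need a separate put_user_policy copy.
    return customer_arn


def policies_for(iam, user):
    """Return (managed policy names, inline policy names) for one user."""
    managed = [p["PolicyName"] for p in
               iam.list_attached_user_policies(UserName=user)["AttachedPolicies"]]
    inline = iam.list_user_policies(UserName=user)["PolicyNames"]
    return sorted(managed), sorted(inline)
```

With boto3 installed and credentials configured, the client to pass in is `boto3.client("iam")`. `policies_for` does not follow pagination, which is sufficient for the few policies this lab creates.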