Home>
Cloud Labs>

AWS IAM Permission Boundaries

AWS IAM Permission Boundaries
AWS IAM Permission Boundaries

CLOUD LABS

AWS IAM Permission Boundaries

In this lab, we will thoroughly explore permissions boundaries for AWS IAM entities. We will also understand the effective permissions in the presence of identity policies, resource-based policies, and permissions boundaries.

13 Tasks

intermediate

3hr

Certificate of Completion

Desktop OnlyDevice is not compatible.
No Setup Required
Amazon Web Services

Learning Objectives

A thorough understanding of permissions boundaries and resource-based policy
The ability to set up permissions boundary and resource-based policy
Hands-on experience with effective permissions in presence of identity-based policy and permissions boundary and resource-based policy
Technologies
IAM logoIAM
S3 logoS3
Cloud Lab Overview

Whenever an AWS IAM entity requests to perform an action, the request context is checked for policies that apply to the request. There are different types of policies that determine whether a certain request is authorized or not. These policies include identity-based policies, resource-based policies, and permissions boundaries. The identity-based policies and permissions boundaries apply to IAM entities. However, resource-based policies apply to resources, defining which entities can access the resource.

In this Cloud Lab, you’ll create an IAM user and attach an identity-based policy to it. You’ll test the effective permissions of the new user by creating an S3 bucket and uploading and deleting files in it through the new user. You’ll then add different permissions boundaries to the new user and test the effective permissions with the same process.

 Lastly, you’ll conclude the Cloud Lab by adding a resource-based policy to the S3 bucket we created through the new user and test the effective permissions again through a similar process.

The following is the high-level architecture diagram of the infrastructure you’ll create in this Cloud Lab:

The architecture diagram
The architecture diagram

Cloud Lab Tasks
1.Introduction
Getting Started
2. Identity-Based Policy
Create an IAM Identity-Based Policy
Create an IAM User
Effective Permissions
3.Permissions Boundaries
Introduction to Permissions Boundary
Permissions Boundary as a Superset of Identity-Based Policy
Permissions Boundary as a Subset of Identity-Based Policy
Overlapping Permissions Boundary and Identity-Based Policy
Add a Denial Effect
4.Resouce-Based Polices
Use a Resource-Based Policy
Put It All Together
5.Conclusion
Clean Up
Wrap Up
Labs Rules Apply
Stay within resource usage requirements.
Do not engage in cryptocurrency mining.
Do not engage in or encourage activity that is illegal.

Before you start...

Try these optional labs before starting this lab.

Cloud Lab Cover

Cloud Lab

Securing AWS Resources: Managing Access with IAM

9
beginner
1hr 30m
Cloud Lab Cover

Cloud Lab

Understanding AWS Security and Management—From Zero to Hero

12
beginner
2hr 30m
Cloud Lab Cover

Cloud Lab

Configuring Role-Specific Temporary Access to an AWS Account

7
intermediate
1hr 30m
Cloud Lab Cover

Cloud Lab

Using AWS IAM Access Analyzer

9
intermediate
2hr 30m

Relevant Courses

Use the following content to review prerequisites or explore specific concepts in detail.

Hear what others have to say
Join 1.4 million developers working at companies like
"Your method is simple, straight to the point and I can practice with it everywhere, even from my phone, that's something I have never had in other learning platforms."

Felipe Matheus

Software Engineer

"I highly recommend Educative. The courses are well organized and easy to understand."

Adina Ong

Senior Engineering Manager

"I prefer Educative courses because they have a nice mix of text & images. I find that with full video courses, it can often be too easy to go into passive learning mode."

Clifford Fajardo

Senior Software Engineer

"I love the content on Educative and I feel as if I am definitely improving in my craft."

Thomas Chang

Software Engineer

Learn in-demand tech skills in half the time

PRODUCTS

Mock Interview

New

Courses

Skill Paths

Projects

Assessments

Newsletter

TRENDING TOPICS

Learn to Code

Tech Interview Prep

Generative AI

Data Science

Machine Learning

GitHub Students Scholarship

Early Access Courses

Blind 75

Layoffs

Pricing

For Individuals

Try for Free

Gift a Subscription

CONTRIBUTE

Become an Author

Become an Affiliate

Earn Referral Credits

RESOURCES

Blog

Cheatsheets

Webinars

Answers

ABOUT US

Our Team

Careers

Hiring

Frequently Asked Questions

Contact Us

Press

LEGAL

Privacy Policy

Cookie Policy

Terms of Service

Business Terms of Service

Data Processing Agreement

INTERVIEW PREP COURSES

Grokking the Modern System Design Interview

Grokking the Product Architecture Design Interview

Grokking the Coding Interview Patterns

Machine Learning System Design

Tiktok Streamline Icon: https://streamlinehq.com

Copyright ©2025 Educative, Inc. All rights reserved.

soc2