Using AWS IAM Access Analyzer

In this hands-on Cloud Lab, you’ll use IAM Access Analyzer to identify resources with overly permissive policies that allow access to external entities. Using this service, you’ll also generate a fine-grained policy for an IAM user.

9 Tasks

intermediate

1hr 30m

Certificate of Completion

Desktop Only
No Setup Required
Amazon Web Services

Learning Objectives

A thorough understanding of IAM Access Analyzer and its different features
An understanding of Access Analyzer findings and how to use them to create archive rules
The ability to generate fine-grained policies using IAM Access Analyzer
Hands-on experience creating trails for an IAM user with CloudTrail

Technologies
AWS
Access Analyzer
IAM
SNS
CloudTrail
EventBridge
S3
Lambda
Cloud Lab Overview

IAM Access Analyzer helps identify resources in your account that give access to external entities by analyzing the policies attached to the resources it supports, such as SNS topics and Lambda functions. IAM Access Analyzer can also generate fine-grained policies based on the actions taken by an IAM entity.

In this Cloud Lab, you’ll first enable Access Analyzer for your account, create resources such as an S3 bucket, an SNS topic, and a Lambda function, and then attach overly permissive policies to them. Next, you’ll observe the findings generated by Access Analyzer and create archive rules based on them. You’ll also update the overly permissive policies created earlier and rescan the findings in Access Analyzer. After that, you’ll create an IAM user and attach an overly permissive policy to it. Finally, you’ll use the newly created user to create an S3 bucket, which generates events in CloudTrail, and then use Access Analyzer to generate a fine-grained policy for that IAM user.

After completing this Cloud Lab, you’ll understand how IAM Access Analyzer works and be able to create archive rules based on its findings and generate policies for IAM entities.

Following is a high-level architecture diagram for this Cloud Lab:

Architecture diagram

Cloud Lab Tasks
1. Introduction
Getting Started
2. Detect Overly Permissive Policies with Access Analyzer
Enable the IAM Access Analyzer
Provision Other Resources with Permissive Policies
Create Analyzer Rules
Update Resource-Based Policies
3. Generate Policies Using Access Analyzer
Create a User and a Trail
Generate a Policy
4. Conclusion
Clean Up
Wrap Up
Labs Rules Apply
Stay within resource usage requirements.
Do not engage in cryptocurrency mining.
Do not engage in or encourage activity that is illegal.
