Amazon AWS IAM Roles and Policies

When You want to Provide access to Amazon Web Services Console or if you're planning to provide REST API Keys to your Developers of a Third Party Person, Using Providing access to Root Account Console or API Keys is not advisable since they basically will have full level access. Instead, we can rely on IAM(Identity and Access Management). Require any support regarding AWS IAM Roles and Policies then contact development services to know more

Creating an IAM User:

  • Login to your root account and then Click on your Username on the Top Right Corner. Select Security Credentials.
  • Click on Users Option on Left Hand Menu of the Dash Board Page. see here to see the Dashboard
  • Click on Create User button
  • Enter the Usernames of accounts to generate and click on Create.
  •  you will be offered to Download the REST API keys.
  • Download it or save them, Note that REST API Keys are only generated only once. If Lost you may have to reset API Keys again.

Generating Password For the User:

  • Select The user in Users Page and click on User Actions and select Manage Password.
  • You will be offered Two options
    • Automatic Password with Change on Login checkbox.
    • Custom Password.
  • After Setting Password, Click on Apply.
Talk to our Experts!

Policies:

Policies play a VITAL Role. It is Authorization Part of IAM User. AWS Provides a set of its own policies which restricts or provide access to the User. Most of those Policies are either full Access on Service or Read only Permissions on  Service. None of those restrict a User to have access only to specific sections of the service.(Like only specific Buckets in S3 or few Instances in EC2). Here we can Use Custom Policies. Now we are going to see an example on restricting a user to only a specific Bucket in S3.

Steps to Create a Custom Policy:

  • Select policies in DashBoard Menu
  • Click on Create Policy
  • select type of Policy. here you can select either copy from amazon policies and customize them(Copy an AWS Managed Policy) or create your policy from Amazon options(using Policy Generator) or create a fully custom Policy(Create Your Own Policy).
  • Select Create Your Own Policy and copy paste this JSON.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::dinesh_my_bucket",
                "arn:aws:s3:::dinesh_my_bucket/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": "s3:ListAllMyBuckets",
            "Resource": "arn:aws:s3:::*"
        }
    ]
}

Now Validate and click on save.

Here First Part of JSON gives full access permissions on bucket "micropyramid" to users under the policy, Second Part where it says List all Buckets gives access over Console view of S3 to the user.

Now you can assign users this policy, or  generate a Role with Custom Permissions and assign that role to the User

For more on S3 Policies click here

Posted On 04 December 2012 By MicroPyramid


Previous post Next post

Need any Help in your Project?Let's Talk

Latest Comments

Django-CRM :Customer relationship management based on Django

Django-blog-it : django blog with complete customization and ready to use with one click installer Edit

Django-webpacker : A django compressor tool

Django-MFA : Multi Factor Authentication

Docker-box : Web Interface to manage full blown docker containers and images

 More...
AWS Lambda - Best Practices

After Years of Developing Lambda Scripts from creating Serverless Applications to Pipelining your Tasks, Here are the Best Practices that we follow.

Continue Reading...
Autoscaling Application with AutoScaling Groups and AWS LoadBalancer

Autoscaling Application with AutoScaling Groups and AWS LoadBalancer

Continue Reading...
How to Build and verify an application using aws codepipeline and creating custom events with lambda

How to build and verify an application using aws codepipeline and creating custom events with lambda.

Continue Reading...
AWS tips and tricks to optimize cost and performance for better ROI

Best Practices of AWS cost and Performance Optimization

Continue Reading...
How to process message queuing system by amazon SQS

How to process attributes of message queuing system by amazon SQS using Boto3

Continue Reading...
Easy and Fast way to implement AWS Lambda service

We are going to use a simple application called Gordan to prevent creating a lambda function and triggering actions which involves time taking and repetitive …

Continue Reading...
How To Send And Receive Email With Django And Amazon SES

django-ses-gateway a pluggable Django application is used for sending mails from your verified domains and verified emails. We can also use django-ses-gateway for receiving messages …

Continue Reading...
Deploy Django using CloudFormation Template

CloudFormation helps in Using JSON templates to describe the resources needed from aws. With this approach, we don't have to repeat the same manual configuration …

Continue Reading...
How to Mount S3 Bucket on Local Disk

It all starts with FUSE, FUSE is File System User Space. Operating Systems have Kernel Space and User Space. Kernel Space is where low level …

Continue Reading...
Using AWS Lambda with S3 and DynamoDB

AWS lambda is handy tool for event driven computation, here we will learn how to configure and setup lambda function so to run our function …

Continue Reading...
How to access EC2 instance even if pem file is lost

Accessing the EC2 instance even if you loose the pem file is rather easy.

1. First, create a new instance by creating new access …

Continue Reading...
Deploying Django project on Elastic Beanstalk

Here You can learn about how to setup and deploy a Django application to Amazon Web Services (AWS).

Tools/technologies used:
Python v2.7
Django v1.7
Amazon …

Continue Reading...
how to setup custom domain for amazon cloudfront

We all want our own domain name to be setup for cloud front instead of amazon default cloud front domain name. We need two things …

Continue Reading...
Paginating S3 objects using boto3

When using Boto you can only List 1000 objects per request. So to obtain all the objects in the bucket. You can use s3's paginator.

Continue Reading...
Creating Elastic Search Cluster (EC2, cloud-aws Plugin)

While handling Large amounts of data with elasticsearch, you may run out of server capacity or compute power, Forming a Elasticsearch cluster will reduce the …

Continue Reading...
Configuring and Testing Load Balancer in AWS EC2

When You have an application that is serving Huge Customer Base, so will be your Traffic. Sometimes The Application simply stops responding. We can use …

Continue Reading...
Django Hosting on Amazon EC2 with wordpress on same domain

Configuring the Wordpress as subdirectory can be tricky. In this tutorial we will Setup a Django Website alongside a wordpress blog.

Continue Reading...
Amazon SES - Handling Bounces and Complaints

In general while sending emails, we will prepare some recipient addresses as our mailing list, which are valid and our recipients want and expect our …

Continue Reading...
Amazon AWS IAM Roles and Policies

When You want to Provide access to Amazon Web Services Console or if you're planning to provide REST API Keys to your Developers of a …

Continue Reading...
CORS with Amazon S3 and CloudFront

We struggle to load fonts from CloudFront because of CORS.

CORS - Cross Origin Resource Sharing is a security measure to block macious scripts or …

Continue Reading...

Subscribe To our news letter

Subscribe and Stay Updated about our Webinars, news and articles on Django, Python, Machine Learning, Amazon Web Services, DevOps, Salesforce, ReactJS, AngularJS, React Native.
* We don't provide your email contact details to any third parties