AWS re:Invent 2016: Become an AWS IAM Policy Ninja in 60 Minutes or Less (SAC303)

  • 🎬 Video
  • ℹ️ Description
AWS re:Invent 2016: Become an AWS IAM Policy Ninja in 60 Minutes or Less (SAC303) 5

Are you interested in learning how to control access to your AWS resources? Have you ever wondered how to best scope down permissions to achieve least privilege permissions access control? If your answer to these questions is "yes," this session is for you. We take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or to launch an Amazon EC2 instance of a specific type.

💬 Comments on the video

This is why this guy is a Ninja and this presentation delivers the goods:
[1:56] "In my nearly 5 years at Amazon, I carve out a little time each day, each week to look through the forums, customer tickets to try to find out where people are having trouble. I try to solve those same problems myself"

Author — Wilson Mar


Thanks a lot Jeff, Best re:invent video i've watched so far. Very well done Sir!!!

Author — staj


how do one create IAM policy to enforce tags whenever any new resources are created in AWS ?

it can be automated using IAM policy right ?

Author — T AG


how to download aws credentials in csv format?

Author — Ahamed Rifath


If you want to decode the quoted string output near the end, jq is your friend. Run it through once with a selector to get the raw string, and then a second time to pretty-print it.

Author — Jules Morrison


How can I get this powerpoint from video?

Author — Carlos Enrique Rodríguez Lugo


How do i download the presentation ? Can anyone provide the link ?

Author — Shashank Ranganath


Why not just open up incognito windows?

Author — Christopher Neill


In the "Limited Admin" sample, the admin has access to the iam:ChangePassword action for all resources. What prevents him to change the "true" administrator's password and gain full admin rights to the account?

Author — Tamás Sallai


Could you explain roles and responsibilities for AWS Administrator

Author — Yaswanth Vema


Great session, but needs a more personable intro. :)

Author — Alec Whitehouse


I felt little rudeness at the start :(

Author — Mukesh Yadav