Day 5 of My #100DaysOfCloud Journey: Exploring IAM (Identity and Access Management) in AWS
Hi, I'm Sukaran Mahajan. I am working as a System Administrator and am currently on a focused journey to become job-ready in AWS Cloud, DevOps, and Infrastructure automation. With a growing foundation in Linux, Git, Docker, and Terraform, I'm documenting everything I learn to help others and strengthen my understanding.
Hello Cloud Enthusiasts!
Today was all about security and access control in AWS. I explored one of the most critical services: IAM (Identity and Access Management). Here's what I learned and practiced:
---
What is IAM?
IAM stands for Identity and Access Management. It lets you:
- Securely manage users, groups, and roles
- Control who can access which AWS services and resources
- Apply the least privilege principle: giving only the permissions required
---
Key Concepts I Covered

IAM Users
- Individual identities with long-term credentials.
- I created a user named `dev-admin` and attached specific permissions.

IAM Groups
- Used to group users with similar permissions (e.g., Developers, Auditors).
- Easier permission management.

IAM Roles
- Used for temporary access, especially for EC2 or Lambda to access other services securely.

IAM Policies
- JSON documents that define permissions.
- Example: A policy to allow only S3 Read access.
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:GetObject"],
      "Resource": ["arn:aws:s3:::my-bucket-name/*"]
    }
  ]
}
```
---
Hands-on Practice
- Created a custom IAM policy using the policy generator.
- Attached policies to a user and group.
- Assigned a role to an EC2 instance to allow S3 access without storing AWS credentials.
---
Real-World Example
Imagine you're a system admin in a company where developers only need access to deploy on EC2 and read logs from CloudWatch. You:
1. Create a Developer group
2. Attach a custom policy that only allows `ec2:*` and `cloudwatch:Get*`
3. Add developers to the group. Simple and secure.
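
A small least-privilege lint, added here as an example and not part of the original post: it flags wildcard grants in a policy document and is run on the S3 policy shown earlier and on a constructed version of the Developer policy. The `Resource: "*"` in that constructed policy is an assumption, since the post does not say which resources it covers; the function and finding names are also made up for this example.

```python
import json

# The read-only S3 policy shown earlier on this page.
S3_READ_POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"],
                 "Resource": ["arn:aws:s3:::my-bucket-name/*"]}]
}""")

# Constructed for this example from the Developer group description above.
# Resource "*" is an assumption; the post does not name the resources.
DEVELOPER_POLICY = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Action": ["ec2:*", "cloudwatch:Get*"],
                  "Resource": "*"},
}


def as_list(value):
    """IAM accepts a single string or object wherever a list is allowed."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def find_broad_grants(policy):
    """Return (statement_index, kind, value) for each over-broad Allow grant."""
    findings = []
    for i, stmt in enumerate(as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        if "NotAction" in stmt:  # Allow + NotAction grants everything else
            findings.append((i, "not-action", stmt["NotAction"]))
        for action in as_list(stmt.get("Action")):
            name = action.split(":", 1)[-1]  # part after "service:"
            if name == "*":
                findings.append((i, "all-actions", action))
            elif "*" in name or "?" in name:
                findings.append((i, "action-pattern", action))
        for resource in as_list(stmt.get("Resource")):
            if resource == "*":
                findings.append((i, "all-resources", resource))
    return findings


if __name__ == "__main__":
    for label, policy in (("s3-read", S3_READ_POLICY), ("developer", DEVELOPER_POLICY)):
        for finding in find_broad_grants(policy):
            print(label, finding)
```

The S3 policy produces no findings, while the Developer policy is reported for `ec2:*`: that grant covers every EC2 API call, including terminating instances, not only the deployment actions the scenario needs.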
---
Lessons Learned
- IAM is foundational for cloud security.
- Always follow least privilege access.
- IAM roles are better than hardcoding access keys in code.
---
What's Next?
Tomorrow, I'll be diving into AWS CLI to manage resources from the terminal. Stay tuned!