Introduction to Amazon Web Services(AWS)- Part 1

What is AWS Cloud

In simple terms, AWS is considered a cloud provider, which means that AWS provides various cloud-based IT resources to its cloud consumers. AWS is an easy-to-use platform which is provided by Amazon. At present, AWS is one of the leading cloud service providers all around the world. Cloud Services can be related to servers, networking, security, monitoring, etc.

AWS uses the Pay as you Go model, where you only pay for the services you will use.

Brief History of AWS

In 2006 AWS (Amazon Web Services) was officially launched.
In the year 2007: over 180,000 developers had signed up for the AWS.
In the year 2010: amazon.com retail web services were moved to AWS, i.e., amazon.com is now running on AWS. Right now, AWS has 212 Services.

Regions and Availability Zones

Regions

AWS has the concept of a Region, which is a physical location around the world where we cluster data centers.

Availability Zones

An Availability Zone (AZ) is one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region.

AWS Edge Locations

Edge locations are AWS data centers designed to deliver services with the lowest latency possible. Amazon has dozens of these data centers spread across the world.

AWS Services

There are more than 200+ AWS Services and we will discuss most of the AWS Services, This most important service to get started with AWS IAM which is also a Global Service.

Security and Identity

This is more important who have authorization and authentication to
the web application. Let’s discuss Identity Access and management
and how it works in brief. There are also some other AWS security services like AWS Shield, AWS Application firewall, AWS GuardDuty, AWS Config. Right now we will discuss IAM.

Identity Access and Management

AWS Identity and Access Management (or IAM) is a service that offers secure access control mechanisms for all of your AWS services and in some cases resources. AWS IAM is at the heart of AWS security because it empowers you to control access by creating users and groups, assigning specific permissions and policies to specific users, setting up multifactor authentication for additional security, and so much more. And the cherry on top, IAM is free to use!

AWS IAM: Key Features

lets have some key features of identity access and management, which makes it so versatile and powerful.

Authentication

AWS IAM lets you create and manage identities such as users, groups, and roles, meaning you can issue and enable authentication for resources, people, services, and apps within your AWS account.

Authorization

Access management or authorization in IAM is made of two primary components: Policies and Permissions. Authorization determines what an identity can access within a system once it’s been authenticated.

Fine-grained permissions

Consider this, For example, Financial Department needs access to the billing details, the Developer needs access to the EC2 Instances and the Quality Assurance(QA) team needs to access the S3 Bucket, you can sign the custom policies and permissions to all the users accordingly.

IAM: Authentication

Authentication or identity management in AWS IAM consists of the following identities:

Users:

An IAM user is a person that needs to interact with your AWS resources or services either from the AWS Console or with the AWS CLI.

Groups

An IAM group is a collection of users and permissions assigned to those users. Groups provide a convenient way to manage permissions for users with similar needs by categorizing them according to their job function/role, department, or any other requirement. Then, permissions for all those users can be managed at once through the group. For example, we can create a group of a session manager and only limit the access to the session manager, when we add users to the session manager group, they will have access to the session manager other they will not access to the session manager.

Roles

An IAM role is an entity within AWS that defines a set of permissions the role can perform. For example, Allow Access to S3 and DynamoDB.

IAM: Authorization

Authorization or access management in IAM is controlled by Policies that grant Permissions.

What is Policy?

A policy is a document with a set of rules, having one or more statements. Each policy grants a specific set of permissions and can be attached to any of the IAM identities we covered earlier — users, groups, and roles. Policies are always written in JSON or YAML format, and each policy has a name.

What are Permissions?

Permissions enable you to perform actions on AWS resources. When a new user or group is created, it has no permissions and a policy must be attached to allow actions to be taken on AWS resources.

In JSON, it can look like this

This example policy restricts an IAM user or group access to only Start/Stop/Reboot EC2 instances in the US East (N. Virginia) [us-east-1] Region.

Conclusion

This is the first part conclusion, in which we learn briefly about AWS, and AWS Service Identity Access and management, In the next part we will more focus on the AWS Compute Services like AWS EC2, AWS Lambda, etc. You can always reach out to me if you have any questions!

Canva Presentation can be found on this page. Now you can move to Part 2 of this Introductory Session.

--

--

--

DevOps Engineer - Author

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Transforming BigQuery JSON API responses recursively

Security and Serverless

I am very happy to participate in this event.

Pizza Time — Sprint 2: Working with other developers and Integration

Agile Scrum Workflow

CS371p Spring 2022: Gautham Raju: Final Entry

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adil Shehzad

Adil Shehzad

DevOps Engineer - Author

More from Medium

Setting Up EC2 Instance Using AWS CLI

Make one EC2 instance unique in AWS Auto-Scaling Group

Spinning up an EC2 Instance and VPC via CloudFormation

Integrate Jenkins with AWS — Part I