Cyber Security Academy · Lesson

Cloud IAM: Roles, Policies, and Least Privilege

Design minimal-permission IAM policies and use role-based access control in cloud environments.

Cloud IAM Fundamentals

Identity and Access Management (IAM) in cloud environments controls who can do what to which resources. The three pillars are: principals (users, groups, service accounts), permissions (individual actions), and policies (documents binding principals to permissions).

AWS IAM: Users, Roles, and Policies

AWS IAM policies are JSON documents granting or denying API actions on resources. Roles are identities assumed by services (EC2, Lambda) or federated users. Prefer roles over long-lived access keys for EC2 instances.

{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject"],
    "Resource": "arn:aws:s3:::my-bucket/*"
  }]
}
