IAM Policy


IAM Policy:

IAM (Identity and Access Management) policies are sets of permissions that define who has access to AWS resources and what actions they can perform on those resources. A policy is a JSON document that consists of one or more statements. Each statement includes an effect (whether to allow or deny actions), a list of actions (API operations), and a list of resources (AWS resources like EC2 instances, S3 buckets, etc.).

Step-by-Step Guide to Creating a Custom Policy and Adding it to Users and Groups:

Sign in to the AWS Management Console:



Create a Custom Policy:


  • In the left navigation pane, click on "Policies" and then click on the "Create policy" button.
  • Select the "JSON" tab to create your policy using JSON format.
  • Define your policy by specifying the following:
    • Effect: Allow or Deny.
    • Action: List of actions (API operations) the policy allows or denies.
    • Resource: List of AWS resources to which the policy applies.

Example:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::example-bucket/*"
        }
    ]
}

  • Review and Create:

    • Review your policy and give it a meaningful name and description.
    • Click on the "Create policy" button to create your custom policy.

Attach Policy to User or Group:

  • After creating the policy, navigate to the "Users" or "Groups" section in the IAM dashboard.
  • Select the user or group to which you want to attach the policy.
  • Click on the "Add permissions" button.
  • Choose "Attach existing policies directly".
  • Search for and select the custom policy you created.
  • Click on the "Next: Review" button.
  • Review the permissions summary and click on the "Add permissions" button.

Verify:

  • Once added, verify that the user or group now has the permissions defined in the custom policy.

By following these steps, you can create custom IAM policies and attach them to users or groups to control access to AWS resources effectively.
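
What the Verify step should show can be worked out before the policy is attached. The sketch below is an added example, not code from the original post: a simplified evaluator for the Effect, Action and Resource elements described above, applied to the page's example policy. The `audit/` Deny statement and all function names are constructed for illustration; Condition, NotAction, NotResource and other policy types are not modelled.

```python
import json
import re

# The example policy from this page.
PAGE_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [{"Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject"],
                "Resource": "arn:aws:s3:::example-bucket/*"}]}
""")
# Constructed for illustration: protect a hypothetical "audit/" prefix.
DENY_AUDIT = {"Effect": "Deny", "Action": "s3:PutObject",
              "Resource": "arn:aws:s3:::example-bucket/audit/*"}
WITH_DENY = {"Version": "2012-10-17",
             "Statement": PAGE_POLICY["Statement"] + [DENY_AUDIT]}


def _as_list(value):
    # Action and Resource may be a single string or a list of strings.
    return [value] if isinstance(value, str) else list(value)


def _glob(pattern, value, ignore_case=False):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    flags = re.IGNORECASE if ignore_case else 0
    return re.fullmatch(regex, value, flags) is not None


def evaluate(policy, action, resource):
    """Return 'Deny', 'Allow' or 'ImplicitDeny' for one request.

    Simplified model: handles only Effect, Action and Resource. Condition,
    NotAction, NotResource and other policy types are not modelled.
    """
    statements = policy["Statement"]
    if isinstance(statements, dict):
        statements = [statements]
    allowed = False
    for st in statements:
        if not any(_glob(a, action, True) for a in _as_list(st["Action"])):
            continue  # action names are matched case-insensitively
        if not any(_glob(r, resource) for r in _as_list(st["Resource"])):
            continue  # resource ARNs are matched case-sensitively
        if st["Effect"] == "Deny":
            return "Deny"  # an explicit Deny overrides any Allow
        allowed = True
    return "Allow" if allowed else "ImplicitDeny"
```

Note that the page's policy covers objects only: `s3:ListBucket` on `arn:aws:s3:::example-bucket` falls through to an implicit deny, because the Resource pattern ends in `/*` and the action is not listed.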
