AWS Cloud Practitioner: Identity Access Management (IAM)

In this short series, I outline the notes that I took while preparing for the AWS Cloud Practitioner exam.

These are my personal notes that I have made while working through the A Cloud Guru exam practitioner course. They are in no way official notes from AWS.

I would advise that if you do use my notes to help you revise for this exam, you use them as a supplement to the most recent information in the White Papers and Exam Guide, and go over your knowledge with practice exam papers.

Identity Access Management (IAM)

IAM is a global service that applies across all regions. It can be used to create users, groups and policies.

You can access the AWS platform in 3 ways:

  1. Via the Console
  2. Programmatically (using the command line)
  3. Using the SDK

The Root Account

Your root account is the email address you used to set up your AWS account. It has full admin access. Don’t give away these account credentials. You should instead create a user for other individuals. Always secure the root account using multi-factor authentication.


A group is a place to store your users. All users in a group inherit all permissions that the group has. Examples of groups: developers, system admins, finance, etc. To set permissions for a group, you need to apply a policy to that group.

Policies are the way we assign permissions to users, groups and roles. They are defined using JavaScript Object Notation (JSON) as key-value pairs. Policies start with a version (the date), then the statement. If wildcards are used
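To make the policy layout concrete, here is an added example (not part of the original notes and not AWS code) that parses a policy document and reports the `Allow` statements whose `Action` or `Resource` is a wildcard. The bucket name, the `Sid` values and the helper function names are constructed for illustration.

```python
import json

# Constructed sample policy (bucket name and Sids are made up for illustration).
SAMPLE_POLICY = """
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadReports",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:ListBucket"],
      "Resource": ["arn:aws:s3:::example-reports", "arn:aws:s3:::example-reports/*"]
    },
    {
      "Sid": "TooBroad",
      "Effect": "Allow",
      "Action": "*",
      "Resource": "*"
    }
  ]
}
"""

def as_list(value):
    """Statement, Action and Resource may each be a single value or a list."""
    return value if isinstance(value, list) else [value]

def wildcard_findings(policy_json):
    """Return (sid, element, value) for each broad wildcard in an Allow statement."""
    policy = json.loads(policy_json)
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # a Deny only removes access, so its wildcards are not reported
        sid = stmt.get("Sid", f"statement[{index}]")
        for action in as_list(stmt.get("Action", [])):
            # "*" = every action; "s3:*" = every action of one service
            if action == "*" or action.endswith(":*"):
                findings.append((sid, "Action", action))
        for resource in as_list(stmt.get("Resource", [])):
            if resource == "*":  # every resource the action applies to
                findings.append((sid, "Resource", resource))
    return findings

if __name__ == "__main__":
    for sid, element, value in wildcard_findings(SAMPLE_POLICY):
        print(f"{sid}: {element} = {value!r} grants more than a named permission")
```

The first statement is not reported: its `/*` suffix only covers objects inside one named bucket, which is a scoped wildcard rather than access to everything.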

