I am more of a developer and often test solutions by creating infrastructure while working with AWS services. Our main use case involves managing multiple AWS accounts through IAM Identity Center for roles and permissions, like creating users, providing access to specific AWS services, and managing connectivity between services with MFA and role creation.
I work as a DevOps engineer, leveraging AWS services extensively to manage cloud infrastructure. My primary use case revolves around securing and automating the deployment of applications within AWS. Specifically, I use AWS Elastic Kubernetes Service (EKS) for container orchestration, S3 buckets for data storage, and CloudFormation to implement Infrastructure as Code (IaC) for provisioning resources. For monitoring and alerting, I rely on Amazon CloudWatch to gather logs and metrics, ensuring system performance and operational health. AWS IAM plays a crucial role in managing access and enforcing security policies, providing fine-grained access control for users and services. Additionally, I use AWS Key Management Service (KMS) to handle encryption keys for sensitive data, ensuring compliance with security policies. My environment also includes EC2 instances for compute resources, Elastic Load Balancers (ELB) to distribute traffic efficiently, and RDS for database management.
Strategist | Webops and Blockchain at Indian Institute of Technology, Madras
Real User
Top 20
2024-11-20T13:39:14Z
I work as a consultant, setting up AWS accounts for clients. A significant requirement is creating IAM security profiles for all services and users. This involves creating specific sets of credentials with limited privileges for AWS developers during testing, deployment, and login, using scripts for automation to enhance security.
The primary use case for AWS IAM Identity Center is setting up permissions, policies, and groups for different users or customers. For instance, the engineering team has different accounts and is provided different access levels through using AWS IAM Identity Center. Similarly, the DevOps team has access levels tailored to their specific requirements. It is mostly used for segregating the access for different teams according to their needs.
Most enterprise companies use multiple AWS accounts, ranging from ten to hundreds. This separation allows for individual team environments and presents an identity and access management (IAM) challenge. To manage IAM centrally, AWS Identity Center, formerly known as AWS SSO, is used to set up federations with existing authentication systems, like Azure AD. This setup allows roles to be defined for various teams, such as DevOps and security, ensuring people have permissions tailored to their roles and departments.
I use the solution in my company to attach policies and roles. Amazon doesn't provide our company with all the permissions from a single source, so we need to create a role and attach the policy to give the right access to AWS services in order to ensure that everything works fine, or else it won't work properly.
AWS IAM Identity Center is the recommended service for managing your workforce's access to AWS applications or your multiple AWS accounts (or both). It is a flexible solution that can be used to connect your existing identity source or help you create users in AWS. IAM Identity Center can be used alongside your existing AWS account access configurations.