AWScloud~30 mins

Why IAM is foundational in AWS - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Why IAM is foundational

📖 Scenario: You are setting up a new AWS environment for a small company. To keep the environment secure, you need to control who can access AWS resources and what actions they can perform.

🎯 Goal: Build a simple IAM setup that defines users and permissions to control access securely.

📋 What You'll Learn

Create an IAM user dictionary with exact user names and their roles

Add a configuration variable to define a permission level threshold

Use a loop to assign permissions based on the threshold

Complete the IAM policy document with the assigned permissions

💡 Why This Matters

🌍 Real World

IAM is the foundation of AWS security. It helps companies protect their cloud resources by controlling access carefully.

💼 Career

Understanding IAM is essential for cloud engineers, security specialists, and anyone managing AWS environments.

Progress0 / 4 steps

Create IAM users dictionary

Create a dictionary called iam_users with these exact entries: 'Alice': 'admin', 'Bob': 'developer', 'Charlie': 'viewer'.

AWS

# Your code here

Need a hint?

Use a Python dictionary with user names as keys and roles as values.

Define permission level threshold

Add a variable called permission_threshold and set it to the string 'developer'.

AWS

iam_users = {'Alice': 'admin', 'Bob': 'developer', 'Charlie': 'viewer'}
# Your code here

Need a hint?

This variable will help decide which users get higher permissions.

Assign permissions based on threshold

Create a dictionary called user_permissions. Use a for loop with variables user and role to iterate over iam_users.items(). Assign 'full-access' to users with role 'admin', 'write-access' to users with role equal to permission_threshold, and 'read-only' to others.

AWS

iam_users = {'Alice': 'admin', 'Bob': 'developer', 'Charlie': 'viewer'}
permission_threshold = 'developer'
# Your code here

Need a hint?

Use a dictionary to store permissions and a loop to assign them based on roles.

Complete IAM policy document

Create a dictionary called iam_policy with a key 'Statement' whose value is a list of dictionaries. Each dictionary should have keys 'User' and 'Permission' with values from user_permissions. Use a for loop with variables user and permission to iterate over user_permissions.items() and build the list.

AWS

iam_users = {'Alice': 'admin', 'Bob': 'developer', 'Charlie': 'viewer'}
permission_threshold = 'developer'
user_permissions = {}
for user, role in iam_users.items():
    if role == 'admin':
        user_permissions[user] = 'full-access'
    elif role == permission_threshold:
        user_permissions[user] = 'write-access'
    else:
        user_permissions[user] = 'read-only'
iam_policy = {}
# Your code here

Need a hint?

Build a policy document listing each user and their permission.