AWS

IAM Security Tools, Shared Responsibility, IAM Summary

sehunbang 2024. 7. 26. 19:28

IAM Credential Report (account-level) : a report that lists the account's users and the status of their various credentials.

IAM Access Advisor (user-level) : Access Advisor shows the service permissions granted to a user and when those services were last accessed.

 

You can download it from Credential report.

 

Shared Responsibility Model for IAM

AWS Responsibility:

   Infra : global network security

   Config and vulnerability analysis

   Compliance validation

 

User:

  Users, Groups, Roles, Policies management and monitoring

  Enable MFA on all accounts

  Rotate all of the keys often

  Use IAM tools to apply appropriate permissions.

 

 

IAM Summary

Users : mapped to a physical user, has a password for AWS Console

Groups : contains users only

Policies : JSON document that outlines permissions for users or groups.

Roles : for EC2 or AWS services

Security : MFA + Password Policy

AWS CLI : manage the AWS services using the command line

AWS SDK : manage the AWS services using a programming language

Access Keys : access AWS services using CLI or SDK

Audit : IAM Credential Reports & IAM Access Advisor