AWS Security Blog
Tag: Conditions
How to use customer managed policies in AWS IAM Identity Center for advanced use cases
September 23, 2022: This post had been updated to reflect main benefits on using CMPs with permission sets. Are you looking for a simpler way to manage permissions across all your AWS accounts? Perhaps you federate your identity provider (IdP) to each account and divide permissions and authorization between cloud and identity teams, but want […]
Build an end-to-end attribute-based access control strategy with AWS IAM Identity Center and Okta
April 25, 2023: We’ve updated this blog post to include more security learning resources. September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. This blog post discusses the benefits of using an attribute-based […]
Use the New Visual Editor to Create and Modify Your AWS IAM Policies
AWS Identity and Access Management (IAM) has made it easier for you to create and modify your IAM policies by using a point-and-click visual editor in the IAM console. The new visual editor guides you through granting permissions using IAM policies without requiring you to write the policy in JSON (although you can still author and edit policies in JSON, if you prefer). This update to the IAM console makes it easier to grant least privilege permissions for the AWS service actions you select by listing all the supported resource types and request conditions you can specify. And, as with policy summaries, the visual editor also identifies and helps you correct unrecognized services and actions and permissions errors when you import existing policies. In this blog post, I give a brief overview of policy concepts and show you how to create a new policy by using the visual editor.
AWS IAM Sessions at re:Invent 2015
As I said last week, the breakout sessions for the Security & Compliance track have been announced and are shown in the re:Invent 2015 session catalog. If you are going to re:Invent 2015, you can add these sessions to your schedule now. Today, I will highlight the AWS Identity and Access Management (IAM) sessions that […]