AWS Security Blog

Tag: IAM

Verify Resource-Based Permissions Using the IAM Policy Simulator

Today, AWS Identity and Access Management (IAM) made it easier to help you verify your permissions by adding support for resource-based policies in the IAM policy simulator. This extends the capabilities of the IAM policy simulator console and APIs to help you understand, test, and validate how your resource-based policies and IAM policies work together […]

How to Receive Notifications When Your AWS Account’s Root Access Keys Are Used

AWS Identity and Access Management (IAM) best practices recommend using IAM users or roles to access your AWS resources, instead of using your root credentials. If you follow this best practice, though, how can you monitor for root activity and take action if such activity occurs? AWS CloudTrail and Amazon CloudWatch provide the solution. In […]

Test Your Roles’ Access Policies Using the AWS Identity and Access Management Policy Simulator

You can now use the AWS Identity and Access Management (IAM) policy simulator to test and validate your roles’ access control policies. The policy simulator is a tool to help you author and validate the policies that set permissions on your AWS resources. This tool provides a “playground” where you can iteratively author least privilege […]

How to Create a Limited IAM Administrator by Using Managed Policies

AWS Identity and Access Management (IAM) recently launched managed policies, which enable you to attach a single access control policy to multiple entities (IAM users, groups, and roles). Managed policies also give you precise, fine-grained control over how your users can manage policies and permissions for other entities. For example, you can control which managed […]