Use-Case: EC2 Instance in account A wants to access DynamoDB tables in Account B. Pre-RequisitesAccount A instances to assume role for DynamoDB access in Account BStepsAccount A (EC2 Instance): - Create a Role called CrossDDBAccess (or whatever you want to…
IAM
A collection of 8 posts
Difference with ECS Task and Execution IAM Roles on AWS
The difference between the AWS ECS Task Execution IAM Role and the IAM Role for Tasks.
Setup a Logstash Server for Amazon Elasticsearch Service and Auth with IAM
As many of you might know, when you deploy a ELK stack on Amazon Web Services, you only get E and K in the ELK stack, which is Elasticsearch and Kibana. Here we will be dealing with Logstash on EC2.…
IAM Policy to Allow Team Wide and User Level Permissions on AWS Secrets Manager
In this post we will simulate a scenario where a team would like to have access to create secrets under a team path name like /security-team/prod/* and /security-team/dev/* and allow all the users from that team to be…
Using IAM Authentication with Amazon Elasticsearch Service
Today I will demonstrate how to allow access to Amazons Elasticsearch Service using IAM Authenticationi using AWS Signature Version4. Elasticsearch Service Authentication Support: When it comes to security, Amazons Elasticsearch Service supports three types of access policies: Resource Based Identity…
Authenticate to your AWS RDS MySQL Instance via IAM
On Amazon Web Services with RDS for MySQL or Aurora with MySQL compatibility, you can authenticate to your Database instance or cluster using IAM for database authentication. The benefit of using this authentication method is that you don't need to…
AWS IAM Users and Groups: Encrypt and Decrypt Data using KMS via the CLI
In our previous post we went through the process on controlling access using the CLI for IAM, to Create a IAM Policy, Associating the Policy to a Group and Creating Users within the group to inherit the policy, in order…
How to Control Access with AWS IAM for Users and Groups using the CLI for Granting S3 Access
In this post, we will use Identity Access Management (IAM) on AWS to Control Access for our Groups and Users using the CLI, and as an example use-case, we will be allowing S3 Access for Users that is associated to…