IAM

Q1. Why do we need an IAM Users and Groups?

• To allocate permission using policy documents (JSON documents).

Q2. Best IAM practices.

• Dont use AWS Root account for anything other AWS account setup.

• Always have one AWS user per person, dont share access keys or passwords.

• Leverage groups and assign permission to groups. Add users to groups.

• Create a strong password policy and MFA.

• Create Roles for AWS resources.

• Use AWS Access Keys for SDK and CLI.