Book Image

AWS Certified SysOps Administrator ??? Associate Guide

By : Marko Sluga
Book Image

AWS Certified SysOps Administrator ??? Associate Guide

By: Marko Sluga

Overview of this book

AWS certifications are becoming one of the must have certifications for any IT professional working on an AWS Cloud platform. This book will act as your one stop preparation guide to validate your technical expertise in deployment, management, and operations on the AWS platform. Along with exam specific content this book will also deep dive into real world scenarios and hands-on instructions. This book will revolve around concepts like teaching you to deploy, manage, and operate scalable, highly available, and fault tolerant systems on AWS. You will also learn to migrate an existing on-premises application to AWS. You get hands-on experience in selecting the appropriate AWS service based on compute, data, or security requirements. This book will also get you well versed with estimating AWS usage costs and identifying operational cost control mechanisms. By the end of this book, you will be all prepared to implement and manage resources efficiently on the AWS cloud along with confidently passing the AWS Certified SysOps Administrator – Associate exam.
Table of Contents (26 chapters)

Managing access with IAM

The SWF service allows us to control access to the SWF resources directly via IAM. Each actor in the workflow is required to use a secret key and access key to sign each and every request to the SWF service endpoint. The best practice will be to design our actors with roles that have the correct permission to access a certain workflow, and they can be issued temporary credentials to access and poll the SWF service. This means we do not need to expose our secret key and access key when designing our application. We can, however, maintain access with our secret key and access key when performing manual tasks or designing and troubleshooting the workflow itself.

There are two types of permissions that can be applied to each IAM security principal to control access to SWF:

  • Resource permissions: Allow us to define the resources that a user, group, or role...