Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Implementing Identity Management on AWS
  • Table Of Contents Toc
Implementing Identity Management on AWS

Implementing Identity Management on AWS

By : Lehtinen
4.2 (5)
Buy this Book
close
close
Implementing Identity Management on AWS

Implementing Identity Management on AWS

4.2 (5)
By: Lehtinen
Buy this Book

Overview of this book

AWS identity management offers a powerful yet complex array of native capabilities and connections to existing enterprise identity systems for administrative and application identity use cases. This book breaks down the complexities involved by adopting a use-case-driven approach that helps identity and cloud engineers understand how to use the right mix of native AWS capabilities and external IAM components to achieve the business and security outcomes they want. You will begin by learning about the IAM toolsets and paradigms within AWS. This will allow you to determine how to best leverage them for administrative control, extending workforce identities to the cloud, and using IAM toolsets and paradigms on an app deployed on AWS. Next, the book demonstrates how to extend your on-premise administrative IAM capabilities to the AWS backplane, as well as how to make your workforce identities available for AWS-deployed applications. In the concluding chapters, you’ll learn how to use the native identity services with applications deployed on AWS. By the end of this IAM Amazon Web Services book, you will be able to build enterprise-class solutions for administrative and application identity using AWS IAM tools and external identity systems.
Table of Contents (17 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the example code files
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
1
Section 1: IAM and AWS – Critical Concepts, Definitions, and Tools
Icon
Section 1: IAM and AWS – Critical Concepts, Definitions, and Tools
Lock Free Chapter
2
Chapter 1: An Introduction to IAM and AWS IAM Concepts
Icon
Chapter 1: An Introduction to IAM and AWS IAM Concepts
Icon
Technical requirements
Icon
Understanding IAM
Icon
Exploring AWS IAM
Icon
Putting it all together
Icon
Summary
Icon
Questions
3
Chapter 2: An Introduction to the AWS CLI
Icon
Chapter 2: An Introduction to the AWS CLI
Icon
Technical requirements
Icon
Exploring the AWS CLI basics
Icon
Using the AWS CLI
Icon
Putting it all together – creating a functional IAM user with the AWS CLI
Icon
Summary
Icon
Questions
Icon
Further reading
4
Chapter 3: IAM User Management
Icon
Chapter 3: IAM User Management
Icon
Technical requirements
Icon
What is an IAM user account?
Icon
Managing and securing root IAM user accounts
Icon
Managing and securing IAM user accounts
Icon
Managing federated user accounts
Icon
Summary
Icon
Questions
5
Chapter 4: Access Management, Policies, and Permissions
Icon
Chapter 4: Access Management, Policies, and Permissions
Icon
Technical requirements
Icon
What is access management?
Icon
Introducing the AWS access policy types
Icon
The anatomy of an AWS JSON policy document
Icon
Exploring the AWS policy types
Icon
Policy evaluation
Icon
Governance
Icon
Summary
Icon
Questions
Icon
Further reading
6
Chapter 5: Introducing Amazon Cognito
Icon
Chapter 5: Introducing Amazon Cognito
Icon
Technical requirements
Icon
What is Amazon Cognito?
Icon
Amazon Cognito use cases
Icon
Creating an Amazon Cognito user pool
Icon
Exploring the hosted UI
Icon
Creating an Amazon Cognito identity pool
Icon
Summary
Icon
Questions
7
Chapter 6: Introduction to AWS Organizations and AWS Single Sign-On
Icon
Chapter 6: Introduction to AWS Organizations and AWS Single Sign-On
Icon
Technical requirements
Icon
What is AWS SSO?
Icon
AWS Organizations
Icon
Configuring AWS SSO in the Management Console
Icon
Configuring AWS SSO from the CLI
Icon
Summary
Icon
Questions
Icon
Further reading
8
Chapter 7: Other AWS Identity Services
Icon
Chapter 7: Other AWS Identity Services
Icon
Technical requirements
Icon
Understanding AWS Directory Service
Icon
Encryption and secrets management
Icon
Logging and auditing
Icon
Summary
Icon
Questions
Icon
Further reading
9
Section 2: Implementing IAM on AWS for Administrative Use Cases
Icon
Section 2: Implementing IAM on AWS for Administrative Use Cases
10
Chapter 8: An Ounce of Prevention – Planning Your Administrative Model
Icon
Chapter 8: An Ounce of Prevention – Planning Your Administrative Model
Icon
Technical requirements
Icon
Evaluating the organization's current IAM capabilities
Icon
Evaluating the business structure and account schema
Icon
Designing the AWS organizational structure
Icon
Summary
Icon
Questions
Icon
Further reading
11
Chapter 9: Bringing Your Admins into the AWS Administrative Backplane
Icon
Chapter 9: Bringing Your Admins into the AWS Administrative Backplane
Icon
Technical requirements
Icon
Defining our organization's identity source
Icon
Provisioning administrative accounts in AWS – account linking
Icon
Provisioning administrative accounts in AWS – SCIM provisioning
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Code samples
12
Chapter 10: Administrative Single Sign-On to the AWS Backplane
Icon
Chapter 10: Administrative Single Sign-On to the AWS Backplane
Icon
Technical requirements
Icon
Why use federation for AWS administrators?
Icon
Assigning access to AWS accounts
Icon
Implementing fine-grained access management for administrators
Icon
Administrative SSO using the AWS CLI
Icon
Summary
Icon
Questions
Icon
Further reading
13
Section 3: Implementing IAM on AWS for Application Use Cases
Icon
Section 3: Implementing IAM on AWS for Application Use Cases
14
Chapter 11: Bringing Your Users into AWS
Icon
Chapter 11: Bringing Your Users into AWS
Icon
Technical requirements
Icon
Distinguishing administrative users from non-administrative users
Icon
Solutions to non-administrative user use cases for apps on AWS
Icon
Using Managed AD and trusts
Icon
Creating the trust between AWS Managed AD and on-premises AD
Icon
Summary
Icon
Questions
Icon
Further reading
15
Chapter 12: AWS-Hosted Application Single Sign-On Using an Existing Identity Provider
Icon
Chapter 12: AWS-Hosted Application Single Sign-On Using an Existing Identity Provider
Icon
Technical requirements
Icon
Defining the use case and solution architecture
Icon
Creating a user pool
Icon
Connecting Amazon Cognito to an external IdP – SAML
Icon
Connecting Amazon Cognito to an external IdP – OIDC
Icon
Assuming roles with identity pools
Icon
Summary
Icon
Questions
Icon
Further reading
Icon
Why subscribe?
16
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts

Preface

Amazon Web Services (AWS) is the largest cloud platform in the world. It was also the first modern cloud services provider and the first to achieve broad enterprise penetration. Whereas being the successful first mover in a market has its advantages, it can also limit a service’s flexibility. Compared to its biggest peers, which logically extend enterprise identity architectures (in part because they came to market years later), AWS’ IAM capabilities can appear slightly alien. Like an archaeologist examining a dig site, we can see artifacts that suggest the service had a history of differing access mechanisms and strategies over the years. Given the success of the service, perhaps it was deemed too great a risk to the growing user base to make sweeping, foundational changes to align more with the familiar IAM patterns found in other organizations.

As AWS predates many enterprise identity best practices and reference architectures, bridging the paradigms of modern enterprise IAM and AWS’ custom approach to IAM is often a difficult leap. Fortunately, with the advent of services such as AWS Organizations, AWS SSO, and Amazon Cognito, the service has never been more approachable. In this book, we will begin by examining the core services and components of identity on AWS in a manner designed to take the rough edges off its more eccentric components. Once we have built up our foundational knowledge, we will then apply what we have learned by solving familiar enterprise use cases.

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Implementing Identity Management on AWS
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon