Security is a very important aspect for any organization. IAM plays a vital role in securing your infrastructure and application. In this chapter, you have learned about different aspects of IAM, and also about how to define the access of AWS services and resource-based permissions, cross-account access, and federated access.
Apart from this, you have learned about other AWS security services, such as:
- AWS WAF and Shield: AWS WAF and Shield helps you implement security at Layer 7 to secure the application from cross-site scripts, MySQL injections, and DDoS attacks. We define access control policies to access the application.
- AWS CloudHSM: It's used to store encryption keys in a highly secure and available environment. It's always deployed in a cluster that lets you download CSR, and then you sign CSR and upload a certificate in a secure environment.
- AWS Cognito: Cognito provides a sign in and application authentication process using web identity providers such as Google, Facebook...