What is this IAM thing ?
and… why do I need to know about it ?
It’s a must know! It’s a major key when working in the cloud 🔑
Here is a good way to think about it.
Imagine you are going to a conference, and within the venues there are security personnel in different areas checking people’s passes.
The passes may have the following groups:
Staff - The people working there (Organizers, equipment, catering etc)
Speakers - The people speaking at the conference
General - The general admission for the attendees
Each of these groups will be allowed to enter with their pass, and have access to different parts of the venue.
Identity Access Management (IAM) works in a very similar fashion.
It identifies who is trying to access what then grants access if they have the appropriate permissions.
The only difference is that IAM is controlling the access to cloud resources.
These resources may include things like storage, network, compute services and much more in any of the cloud vendors.
All of which are very common building blocks for most cloud infrastructures.
Since all these services rely on IAM, I consider it a foundational piece.
Just like with our example of the conference, IAM is the security personnel.
It determines who can access what based on a defined policy or a configuration.
Before we part, let’s do a review!
💡 Review
► IAM is the security personnel within the cloud, it controls who and what for access control in all of the services (The technical term for this is Authentication & Authorization)
► IAM is the building block in which all others services build on top of
► IAM is one of the core pieces for security in the cloud
And… That’s all.
If you are in the process of learning about the cloud, I highly encourage you to start with IAM.
Like I said, it’s such a foundational piece; and once you learn it, it’ll make learning other services that much easier.
Do you agree ? or should someone learn something else to start ?
Let me know in the comments 👇