AWS : Security, Identity, and Compliance

The core service for security is IAM, and an overview of it is available here. Users, Roles, Groups, and Policies are the core concepts in IAM.

User: End user (people or program)

Groups: A collection of users under one set of permissions

Roles: We create roles and assign them to AWS resources/services. For example, if an application on EC2 wants to access S3 objects, then EC2 will need to be assigned a role with permissions to access S3.

A policy is the document that allows a user or role to access other AWS services and resources.

S3 security

S3 ACLs are an additional mechanism to manage access to buckets and objects. When a bucket is created, S3 creates a default ACL that grants the resource owner full control over the resource. One can control access to S3 buckets and objects using any or all of: IAM, bucket policies, and ACLs. A few important points to note:

Buckets and objects are Amazon S3 resources. Bucket and object permissions are independent of each other. An object does not inherit the permissions from its buck…
