title
AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos | Edureka

description
( AWS Architect Certification Training - https://www.edureka.co/aws-certification-training ) In this Edureka tutorial on AWS IAM, we will show you how to secure your AWS account using IAM service in AWS. Below are the topics that are covered in this tutorial: 1. Why do we need Access Management? 2. What is IAM? 3. Components of IAM 4. Multi Factor Authentication 5. Hands-on For doubts & queries on AWS, post the same on Edureka Community: https://www.edureka.co/community/cloud-computing Facebook: https://www.facebook.com/edurekaIN/ Twitter: https://twitter.com/edurekain LinkedIn: https://www.linkedin.com/company/edureka How it Works? 1. This is a 5 Week Instructor led Online Course. 2. Course consists of 30 hours of online classes, 30 hours of assignment, 20 hours of project 3. We have a 24x7 One-on-One LIVE Technical Support to help you with any problems you might face or any clarifications you may require during the course. 4. You will get Lifetime Access to the recordings in the LMS. 5. At the end of the training you will have to complete the project based on which we will provide you a Verifiable Certificate! - - - - - - - - - - - - - - About the Course AWS Architect Certification Training from Edureka is designed to provide in depth knowledge about Amazon AWS architectural principles and its components. The sessions will be conducted by Industry practitioners who will train you to leverage AWS services to make the AWScloud infrastructure scalable, reliable, and highly available. This course is completely aligned to AWS Architect Certification - Associate Level exam conducted by Amazon Web Services. During this AWS Architect Online training, you'll learn: 1. AWS Architecture and different models of Cloud Computing 2. Compute Services: Amazon EC2, Auto Scaling and Load Balancing, AWS Lambda, Elastic Beanstalk 3. Amazon Storage Services : EBS, S3 AWS, Glacier, CloudFront, Snowball, Storage Gateway 4. Database Services: RDS, DynamoDB, ElastiCache, RedShift 5. Security and Identity Services: IAM, KMS 6. Networking Services: Amazon VPC, Route 53, Direct Connect 7. Management Tools: CloudTrail, CloudWatch, CloudFormation, OpsWorks, Trusty Advisor 8. Application Services: SES, SNS, SQS Course Objectives On completion of the AWS Architect Certification training, learner will be able to: 1. Design and deploy scalable, highly available, and fault tolerant systems on AWS 2. Understand lift and shift of an existing on-premises application to AWS 3. Ingress and egress of data to and from AWS 4. Identifying appropriate use of AWS architectural best practices 5. Estimating AWS costs and identifying cost control mechanisms Who should go for this course? This course is designed for students and IT professionals who want to pursue a career in Cloud Computing. The course is a best fit for: 1. Professionals interested in managing highly-available and fault-tolerant enterprise and web-scale software deployments. 2. Professionals who want Project Experience in migrating and deploying cloud based solutions. 3. DevOps professionals. Pre-requisites There are no specific prerequisites for this course. Any professional who has an understanding of IT Service Management can join this training. There is no programming knowledge needed and no prior AWS experience required. For more information, Please write back to us at sales@edureka.co or call us at IND: 9606058406 / US: 18338555775 (toll free). Customer Reviews: Joga Rao, Principal Data Architect at AEMO says: “I am a Customer at Edureka. I attended the AWS Architect Certification Training, I found the training to be very informative. The course content was excellent, just what I was after. The trainer was very knowledgeable. I found him to be very patient, he listened and answered everyone's questions. I especially liked the way he repeated and summarized the previous day's leanings at the start of each new day. I also liked his interactive style of training. Edureka demonstrated the highest standard of professionalism in delivering the course content and their support to me in helping complete the project has been exceptional. Thanks Edureka! ”

detail
{'title': 'AWS IAM Tutorial | Identity And Access Management (IAM) | AWS Training Videos | Edureka', 'heatmap': [{'end': 570.204, 'start': 539.679, 'weight': 0.708}, {'end': 1281.382, 'start': 1108.316, 'weight': 0.759}], 'summary': 'Tutorial on aws iam covers securing aws account, access management, user account management, access control, aws access control policies, and aws security, providing hands-on demonstrations and emphasizing the importance of iam in aws with practical examples and resources for further learning.', 'chapters': [{'end': 67.871, 'segs': [{'end': 67.871, 'src': 'embed', 'start': 26.779, 'weight': 0, 'content': [{'end': 31.22, 'text': "after that we're going to see what are the components, what are the different components of iam,", 'start': 26.779, 'duration': 4.441}, {'end': 36.462, 'text': 'and move on to discuss the multi-factor authentication service offered by iam.', 'start': 31.22, 'duration': 5.242}, {'end': 46.284, 'text': "and towards the end we'll be doing a hands-on wherein we'll be creating or i'll be demonstrating to you an application which will upload your files to s3 using the iam policies.", 'start': 36.462, 'duration': 9.822}, {'end': 50.134, 'text': 'alright, so, guys, this is our agenda for today.', 'start': 47.352, 'duration': 2.782}, {'end': 51.776, 'text': "I hope it's clear to you.", 'start': 50.134, 'duration': 1.642}, {'end': 52.356, 'text': 'alright, guys.', 'start': 51.776, 'duration': 0.58}, {'end': 54.819, 'text': 'so I welcome you all to the live session.', 'start': 52.356, 'duration': 2.463}, {'end': 59.162, 'text': 'any doubts that you have during the session, please put it down in the comment box.', 'start': 54.819, 'duration': 4.343}, {'end': 63.447, 'text': 'my team is here to help you out and Anywhere if you feel.', 'start': 59.162, 'duration': 4.285}, {'end': 67.871, 'text': 'if it is not a live session on your side anywhere, if you feel you have a doubt,', 'start': 63.447, 'duration': 4.424}], 'summary': 'The session covers iam components, mfa service, and a hands-on demo for file upload to s3 using iam policies.', 'duration': 41.092, 'max_score': 26.779, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM26779.jpg'}], 'start': 2.435, 'title': 'Securing aws account with iam', 'summary': 'Covers the agenda for an aws iam session, emphasizing the need for access management and discussing iam components, multi-factor authentication, and a hands-on demonstration of file uploading to s3 using iam policies.', 'chapters': [{'end': 67.871, 'start': 2.435, 'title': 'Securing aws account with iam', 'summary': 'Covers the agenda for an aws iam session, including the need for access management, iam components, multi-factor authentication, and a hands-on demonstration of file uploading to s3 using iam policies.', 'duration': 65.436, 'highlights': ['The session covers the agenda for an AWS IAM session, including the need for access management, IAM components, multi-factor authentication, and a hands-on demonstration of file uploading to S3 using IAM policies. The session agenda includes the need for access management, IAM components, multi-factor authentication, and a hands-on demonstration of file uploading to S3 using IAM policies.', 'The presenter will be demonstrating an application that uploads files to S3 using IAM policies. The presenter will demonstrate an application for file uploading to S3 using IAM policies.', 'Participants are encouraged to ask questions during the live session and can receive assistance from the team. Participants can ask questions during the live session and receive assistance from the team.']}], 'duration': 65.436, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM2435.jpg', 'highlights': ['The session covers the agenda for an AWS IAM session, including the need for access management, IAM components, multi-factor authentication, and a hands-on demonstration of file uploading to S3 using IAM policies.', 'The presenter will be demonstrating an application that uploads files to S3 using IAM policies.', 'Participants are encouraged to ask questions during the live session and can receive assistance from the team.']}, {'end': 693.995, 'segs': [{'end': 132.401, 'src': 'embed', 'start': 88.407, 'weight': 0, 'content': [{'end': 95.592, 'text': 'It has all the modules in it and it gives different users the permission to use the different servers right?', 'start': 88.407, 'duration': 7.185}, {'end': 104.493, 'text': 'Now, in your company, first of all, you should have an administrator which will have all the rights to access the server right?', 'start': 96.647, 'duration': 7.846}, {'end': 109.017, 'text': "So nobody in today's IT world works on the root account right?", 'start': 104.794, 'duration': 4.223}, {'end': 110.898, 'text': 'So there has to be an administrator account.', 'start': 109.057, 'duration': 1.841}, {'end': 114.842, 'text': 'So first, we will create an administrator account with all the permissions.', 'start': 111.219, 'duration': 3.623}, {'end': 118.864, 'text': 'now, tomorrow, say, a UI developer comes into your company.', 'start': 115.402, 'duration': 3.462}, {'end': 123.387, 'text': 'right now, a UI developer will only work on the graphical tools right.', 'start': 118.864, 'duration': 4.523}, {'end': 127.209, 'text': 'so he should only be allowed the graphical tools and not some other tools.', 'start': 123.387, 'duration': 3.822}, {'end': 132.401, 'text': 'maybe he shall not be given the internet access or something like that right.', 'start': 127.209, 'duration': 5.192}], 'summary': 'Implement role-based access control for different users and modules, including an administrator account, and restrict permissions for specific roles, such as a ui developer.', 'duration': 43.994, 'max_score': 88.407, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM88407.jpg'}, {'end': 227.065, 'src': 'embed', 'start': 196.624, 'weight': 1, 'content': [{'end': 201.048, 'text': 'so to accomplish this in AWS, you need a service called IAM.', 'start': 196.624, 'duration': 4.424}, {'end': 212.635, 'text': 'you have a service called IAM which uses this concept of access management and allows you to give it to your users who are going to use your account.', 'start': 201.048, 'duration': 11.587}, {'end': 216.418, 'text': 'So what is IAM?', 'start': 214.497, 'duration': 1.921}, {'end': 219.66, 'text': 'So, IAM is basically a service from AWS,', 'start': 216.458, 'duration': 3.202}, {'end': 227.065, 'text': 'using which you can give permissions to different users who are using the same AWS account that you have created.', 'start': 219.66, 'duration': 7.405}], 'summary': 'Iam in aws enables access management for users in a created account.', 'duration': 30.441, 'max_score': 196.624, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM196624.jpg'}, {'end': 302.717, 'src': 'embed', 'start': 273.252, 'weight': 3, 'content': [{'end': 276.895, 'text': 'but IAM is not only about creating users and creating policies.', 'start': 273.252, 'duration': 3.643}, {'end': 277.896, 'text': "it's more.", 'start': 276.895, 'duration': 1.001}, {'end': 282.601, 'text': "there is more to IAM, right, and hence we'll be discussing the different components of IAM now.", 'start': 277.896, 'duration': 4.705}, {'end': 285.743, 'text': "So let's go on and see what are the different components.", 'start': 283.101, 'duration': 2.642}, {'end': 290.007, 'text': 'So there are basically four different components in the IAM service.', 'start': 286.204, 'duration': 3.803}, {'end': 294.45, 'text': 'So the first service is user, then we have groups, then we have roles, and then we have policies.', 'start': 290.027, 'duration': 4.423}, {'end': 302.717, 'text': "So the way we are going to go about these are first I'm going to explain you each role or each service in IAM, each component in IAM,", 'start': 295.131, 'duration': 7.586}], 'summary': 'Iam comprises four components: users, groups, roles, and policies.', 'duration': 29.465, 'max_score': 273.252, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM273252.jpg'}, {'end': 570.204, 'src': 'heatmap', 'start': 539.679, 'weight': 0.708, 'content': [{'end': 545.282, 'text': 'So as of now, there are no groups, there is no existing user that I can copy from.', 'start': 539.679, 'duration': 5.603}, {'end': 551.864, 'text': "So I'll attach existing policies and since I want to attach the administrator access, that is the first policy over here,", 'start': 545.862, 'duration': 6.002}, {'end': 555.006, 'text': "I'll select that and click on next.", 'start': 551.864, 'duration': 3.142}, {'end': 560.568, 'text': 'Alright, so you can review all the settings that you did over here and click on create user.', 'start': 556.106, 'duration': 4.462}, {'end': 565.12, 'text': 'This will create a new user in your AWS account.', 'start': 561.957, 'duration': 3.163}, {'end': 570.204, 'text': 'So as you can see, I have got my access key ID and a secret access key.', 'start': 565.14, 'duration': 5.064}], 'summary': 'Creating a new user in aws account with administrator access and obtaining access key id and secret access key.', 'duration': 30.525, 'max_score': 539.679, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM539679.jpg'}], 'start': 67.871, 'title': 'It access management and aws iam', 'summary': 'Discusses the significance of access management in it, emphasizing the need for defining specific rights for different users. it also covers the concept of access management in aws using iam, detailing its components and demonstrating user creation with administrator access.', 'chapters': [{'end': 173.747, 'start': 67.871, 'title': 'Access management in it', 'summary': 'Discusses the importance of access management in it, emphasizing the need for defining specific rights for different users to ensure secure and efficient server usage, exemplified by the roles of administrator, ui developer, and business analyst.', 'duration': 105.876, 'highlights': ['The administrator account is created with all the permissions, ensuring complete access to the server.', 'Specific rights are defined for the UI developer, restricting access to certain tools and resources, enhancing security and efficiency.', 'The business analyst is assigned specific rights to access the analytics module while being restricted from other server aspects, ensuring secure and role-specific access.']}, {'end': 693.995, 'start': 173.747, 'title': 'Understanding aws iam', 'summary': 'Covers the concept of access management in aws using iam, detailing the components of iam, such as users, groups, roles, and policies, and demonstrates the process of creating a user with administrator access in aws iam.', 'duration': 520.248, 'highlights': ['IAM is a service from AWS that allows giving permissions to different users using the same AWS account, enabling multiple users to work on a single account, simplifying access management.', 'IAM consists of four main components: users, groups, roles, and policies, each serving specific functions in managing access and permissions within AWS.', 'Creating a user with administrator access in AWS IAM involves defining the type of access (AWS Management Console access and programmatic access), setting a password, defining permissions, and obtaining access keys for the user.', 'It is recommended to avoid working in the root account and instead create an administrator account for regular usage, with the root account reserved for emergencies.', 'When setting up programmatic access for a user, access key and secret key are generated, which need to be securely stored for future use.']}], 'duration': 626.124, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM67871.jpg', 'highlights': ['The administrator account is created with all the permissions, ensuring complete access to the server.', 'IAM is a service from AWS that allows giving permissions to different users using the same AWS account, enabling multiple users to work on a single account, simplifying access management.', 'Specific rights are defined for the UI developer, restricting access to certain tools and resources, enhancing security and efficiency.', 'IAM consists of four main components: users, groups, roles, and policies, each serving specific functions in managing access and permissions within AWS.']}, {'end': 982.734, 'segs': [{'end': 729.838, 'src': 'embed', 'start': 699.901, 'weight': 1, 'content': [{'end': 706.565, 'text': "So now I have basically signed in to the user that I've just created on my root account.", 'start': 699.901, 'duration': 6.664}, {'end': 709.607, 'text': 'So I no longer have to use my root account.', 'start': 707.166, 'duration': 2.441}, {'end': 714.27, 'text': 'I can basically lock away my root account for emergency purposes.', 'start': 710.328, 'duration': 3.942}, {'end': 716.872, 'text': "I'll be using my administrator account from now on.", 'start': 714.39, 'duration': 2.482}, {'end': 721.934, 'text': 'I can do everything from my administrator account that could be done from my root account as well.', 'start': 717.592, 'duration': 4.342}, {'end': 729.838, 'text': 'But there are cases where in you get locked out from your administrator account in that cases you will be needing your root access.', 'start': 722.555, 'duration': 7.283}], 'summary': 'Created and switched to new user account for daily tasks, reserving root access for emergencies.', 'duration': 29.937, 'max_score': 699.901, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM699901.jpg'}, {'end': 871.116, 'src': 'embed', 'start': 822.376, 'weight': 2, 'content': [{'end': 824.419, 'text': "Alright, and I'll click on next step.", 'start': 822.376, 'duration': 2.043}, {'end': 830.494, 'text': "Now it'll ask me the policy that I want to attach to this particular group.", 'start': 826.471, 'duration': 4.023}, {'end': 838.2, 'text': 'So say for example, I just want this group to be able to access the S3 service from AWS.', 'start': 831.255, 'duration': 6.945}, {'end': 845.465, 'text': "So what I'll do is I will select the policy which says Amazon S3 full access and I'll click on next step.", 'start': 838.74, 'duration': 6.725}, {'end': 853.431, 'text': "Now this policy basically tells you that you're gonna only use the S3 service in the management console and no other service.", 'start': 845.825, 'duration': 7.606}, {'end': 864.434, 'text': "So, I'll click on create group and now whichever user I will be putting inside this group will have this property.", 'start': 854.651, 'duration': 9.783}, {'end': 868.575, 'text': "So, I don't have to configure the policy for any user now.", 'start': 864.934, 'duration': 3.641}, {'end': 871.116, 'text': "So, what I'll do is I'll create a new user now.", 'start': 868.995, 'duration': 2.121}], 'summary': 'Configuring amazon s3 full access policy for a group to access s3 service from aws.', 'duration': 48.74, 'max_score': 822.376, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM822376.jpg'}, {'end': 929.752, 'src': 'embed', 'start': 901.11, 'weight': 0, 'content': [{'end': 904.112, 'text': "I want to include it inside the group that I've just created.", 'start': 901.11, 'duration': 3.002}, {'end': 909.377, 'text': "And I'll click on next and review all the settings that I've just did and click on create user.", 'start': 904.953, 'duration': 4.424}, {'end': 915.246, 'text': 'So the test account has just been created.', 'start': 913.045, 'duration': 2.201}, {'end': 922.809, 'text': 'Now as you can see guys in the case of my account which I created, I got an access key and a secret access key.', 'start': 915.346, 'duration': 7.463}, {'end': 927.211, 'text': "So in this case I'm not getting any because I didn't select the programmatic access.", 'start': 923.149, 'duration': 4.062}, {'end': 929.752, 'text': 'Only when you select the programmatic access,', 'start': 927.831, 'duration': 1.921}], 'summary': 'Created a test account without programmatic access.', 'duration': 28.642, 'max_score': 901.11, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM901110.jpg'}], 'start': 699.901, 'title': 'Managing user accounts and access control', 'summary': 'Discusses creating/logging into a new user account, the process to switch from root to admin account, maintaining root access for emergencies, and creating new users in the iam system. it also emphasizes the importance of creating groups in aws for efficient user access management, providing an example of creating a group, attaching a policy, and creating a user within the group to demonstrate simplified access management for multiple users.', 'chapters': [{'end': 749.091, 'start': 699.901, 'title': 'Managing user accounts and access control', 'summary': 'Discusses the process of creating and logging into a new user account, emphasizing the ability to switch from root account to an administrator account and the importance of maintaining root access for emergency situations. additionally, it highlights the creation of a new user in the iam system.', 'duration': 49.19, 'highlights': ['The ability to switch from root account to an administrator account and the importance of maintaining root access for emergency purposes.', 'Emphasizing the process of creating and logging into a new user account.', 'Highlighting the creation of a new user in the IAM system.']}, {'end': 982.734, 'start': 749.851, 'title': 'Managing users and groups in aws', 'summary': 'Explains the importance of creating groups in aws to efficiently manage user access by providing an example of creating a group, attaching a policy, and creating a user within the group to demonstrate how it simplifies access management for multiple users.', 'duration': 232.883, 'highlights': ['Creating groups in AWS is important as it simplifies access management for multiple users, for example, by creating a group, attaching a policy, and creating a user within the group to demonstrate how it simplifies access management for multiple users. Creating groups in AWS simplifies access management for multiple users, for example, by creating a group, attaching a policy, and creating a user within the group to demonstrate how it simplifies access management for multiple users.', "The policy 'Amazon S3 full access' is attached to a group to grant access to the S3 service in the management console, streamlining the process of access control for the users within the group. The policy 'Amazon S3 full access' is attached to a group to grant access to the S3 service in the management console, streamlining the process of access control for the users within the group.", 'The process of creating a new user and including them in a group simplifies the access management process by ensuring that the user inherits the permissions assigned to the group, thus eliminating the need to configure individual user policies. The process of creating a new user and including them in a group simplifies the access management process by ensuring that the user inherits the permissions assigned to the group, thus eliminating the need to configure individual user policies.']}], 'duration': 282.833, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM699901.jpg', 'highlights': ['The process of creating and logging into a new user account.', 'The ability to switch from root account to an administrator account and the importance of maintaining root access for emergency purposes.', 'Creating groups in AWS simplifies access management for multiple users, for example, by creating a group, attaching a policy, and creating a user within the group to demonstrate how it simplifies access management for multiple users.', "The policy 'Amazon S3 full access' is attached to a group to grant access to the S3 service in the management console, streamlining the process of access control for the users within the group.", 'The process of creating a new user and including them in a group simplifies the access management process by ensuring that the user inherits the permissions assigned to the group, thus eliminating the need to configure individual user policies.']}, {'end': 1324.542, 'segs': [{'end': 1012.251, 'src': 'embed', 'start': 983.415, 'weight': 5, 'content': [{'end': 989.038, 'text': 'But when you will try to access, say, a service which you have not been assigned to, say, for example,', 'start': 983.415, 'duration': 5.623}, {'end': 994.822, 'text': "I only have access to S3 right now because I've deployed it in the group where it has only the access to S3..", 'start': 989.038, 'duration': 5.784}, {'end': 998.765, 'text': "If I try to go inside EC2, let's see what will happen.", 'start': 995.363, 'duration': 3.402}, {'end': 1007.049, 'text': "So it says you're not authorized to describe running instances.", 'start': 1003.468, 'duration': 3.581}, {'end': 1012.251, 'text': "As a matter of fact, I'm not authorized to see anything on my EC2 page.", 'start': 1007.649, 'duration': 4.602}], 'summary': 'Limited access to s3, not authorized for ec2 operations.', 'duration': 28.836, 'max_score': 983.415, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM983415.jpg'}, {'end': 1097.952, 'src': 'embed', 'start': 1067.33, 'weight': 2, 'content': [{'end': 1072.333, 'text': "I'll go to this particular group and I can see that the policy is listed over there.", 'start': 1067.33, 'duration': 5.003}, {'end': 1080.44, 'text': "What I'll do is I click on detach policy and let's see what happens now, right? So I'll go to management console.", 'start': 1072.374, 'duration': 8.066}, {'end': 1094.189, 'text': "So if now I try to access S3, it'll show me that access is denied, right? So I no longer have access to the S3 service on my AWS console.", 'start': 1082.021, 'duration': 12.168}, {'end': 1097.952, 'text': 'So this is how you can control access to different users.', 'start': 1094.229, 'duration': 3.723}], 'summary': 'Detaching policy in console restricts s3 access, demonstrating access control.', 'duration': 30.622, 'max_score': 1067.33, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1067330.jpg'}, {'end': 1281.382, 'src': 'heatmap', 'start': 1108.316, 'weight': 0.759, 'content': [{'end': 1113.499, 'text': "Alright, so we've discussed what are users, we've discussed what are groups, now let's come back, come down to roles.", 'start': 1108.316, 'duration': 5.183}, {'end': 1120.183, 'text': 'Alright, so roles are similar to users, but roles are actually assigned to applications.', 'start': 1114.039, 'duration': 6.144}, {'end': 1123.305, 'text': 'Alright, so users are actually assigned to people right?', 'start': 1120.664, 'duration': 2.641}, {'end': 1128.008, 'text': 'So whenever you have a developer in the company, you will assign him the developer roles right?', 'start': 1123.606, 'duration': 4.402}, {'end': 1132.191, 'text': 'But when you have roles, roles are basically assigned to applications.', 'start': 1128.068, 'duration': 4.123}, {'end': 1133.152, 'text': 'How? Let me explain you.', 'start': 1132.231, 'duration': 0.921}, {'end': 1139.79, 'text': "Say you create an EC2 instance and inside that EC2 instance you're hosting a web application.", 'start': 1134.286, 'duration': 5.504}, {'end': 1146.795, 'text': 'Now that web application has been designed in such a way that it has to interact with your S3 services for example.', 'start': 1140.39, 'duration': 6.405}, {'end': 1150.378, 'text': "I'll be showing you the demonstration today for this.", 'start': 1146.995, 'duration': 3.383}, {'end': 1154.321, 'text': 'So say that application has to interact with the S3 service.', 'start': 1150.678, 'duration': 3.643}, {'end': 1160.474, 'text': 'Now, if I want to want that application to interact with the S3 service, I have to give it permissions.', 'start': 1155.191, 'duration': 5.283}, {'end': 1163.396, 'text': 'And to give it permissions, I will use role.', 'start': 1161.255, 'duration': 2.141}, {'end': 1168.739, 'text': 'So I will create a role wherein I will specify that this role can access the S3 service.', 'start': 1163.456, 'duration': 5.283}, {'end': 1175.503, 'text': 'And I will attach this particular role to that particular EC2 instance in which my application is hosted.', 'start': 1169.179, 'duration': 6.324}, {'end': 1179.866, 'text': 'And in that case, my application will be able to interact with the S3 service.', 'start': 1175.964, 'duration': 3.902}, {'end': 1185.271, 'text': 'right. it might sound complicated, guys, but it is very easy to implement.', 'start': 1180.549, 'duration': 4.722}, {'end': 1186.711, 'text': 'let me show you how.', 'start': 1185.271, 'duration': 1.44}, {'end': 1193.214, 'text': "so what i'll do now is i'll go back to my management console, which is here all right.", 'start': 1186.711, 'duration': 6.503}, {'end': 1199.076, 'text': "i'll go to the dashboard and say i'll go to roles.", 'start': 1193.214, 'duration': 5.862}, {'end': 1202.777, 'text': "now, all right, so i'll create a new role.", 'start': 1199.076, 'duration': 3.701}, {'end': 1208.612, 'text': 'Now roles can be assigned to any AWS service which is listed here.', 'start': 1204.13, 'duration': 4.482}, {'end': 1213.553, 'text': "What I'll do is I'll create a role type of EC2.", 'start': 1209.132, 'duration': 4.421}, {'end': 1215.514, 'text': "So I'll select Amazon EC2.", 'start': 1214.113, 'duration': 1.401}, {'end': 1224.697, 'text': 'And what type of role do I want to apply it to? I want to say have the access to S3.', 'start': 1216.514, 'duration': 8.183}, {'end': 1230.359, 'text': "So I'll select Amazon S3 full access over here and I'll click on next step.", 'start': 1225.637, 'duration': 4.722}, {'end': 1232.555, 'text': "So it'll ask me the role name.", 'start': 1231.314, 'duration': 1.241}, {'end': 1239.001, 'text': "So let me specify the role name as Edureka underscore one, right? And I'll click on create role.", 'start': 1232.575, 'duration': 6.426}, {'end': 1247.428, 'text': "So, with this, a role has now been created, but mind you guys, I've not attached this role to any EC2 instance, right?", 'start': 1240.262, 'duration': 7.166}, {'end': 1251.091, 'text': "So what I'll do now is I'll go to my EC2 console.", 'start': 1247.448, 'duration': 3.643}, {'end': 1255.959, 'text': 'So over there, I already have built an EC0 instance.', 'start': 1252.395, 'duration': 3.564}, {'end': 1257.42, 'text': 'It is stopped.', 'start': 1256.339, 'duration': 1.081}, {'end': 1261.884, 'text': "So I'll start it and attach this particular policy to that EC0 instance.", 'start': 1257.48, 'duration': 4.404}, {'end': 1264.807, 'text': 'All right.', 'start': 1264.467, 'duration': 0.34}, {'end': 1268.491, 'text': 'So my EC0 instance name is Hemant underscore one.', 'start': 1265.107, 'duration': 3.384}, {'end': 1269.211, 'text': 'So here it is.', 'start': 1268.551, 'duration': 0.66}, {'end': 1270.793, 'text': 'Go to actions.', 'start': 1269.932, 'duration': 0.861}, {'end': 1272.655, 'text': "I'll start this particular instance.", 'start': 1271.073, 'duration': 1.582}, {'end': 1281.382, 'text': 'Right And what I can do is I can attach the policy using instance settings.', 'start': 1275.816, 'duration': 5.566}], 'summary': 'Roles are assigned to applications for permissions; demonstrated with aws ec2 and s3 services.', 'duration': 173.066, 'max_score': 1108.316, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1108316.jpg'}, {'end': 1186.711, 'src': 'embed', 'start': 1120.664, 'weight': 0, 'content': [{'end': 1123.305, 'text': 'Alright, so users are actually assigned to people right?', 'start': 1120.664, 'duration': 2.641}, {'end': 1128.008, 'text': 'So whenever you have a developer in the company, you will assign him the developer roles right?', 'start': 1123.606, 'duration': 4.402}, {'end': 1132.191, 'text': 'But when you have roles, roles are basically assigned to applications.', 'start': 1128.068, 'duration': 4.123}, {'end': 1133.152, 'text': 'How? Let me explain you.', 'start': 1132.231, 'duration': 0.921}, {'end': 1139.79, 'text': "Say you create an EC2 instance and inside that EC2 instance you're hosting a web application.", 'start': 1134.286, 'duration': 5.504}, {'end': 1146.795, 'text': 'Now that web application has been designed in such a way that it has to interact with your S3 services for example.', 'start': 1140.39, 'duration': 6.405}, {'end': 1150.378, 'text': "I'll be showing you the demonstration today for this.", 'start': 1146.995, 'duration': 3.383}, {'end': 1154.321, 'text': 'So say that application has to interact with the S3 service.', 'start': 1150.678, 'duration': 3.643}, {'end': 1160.474, 'text': 'Now, if I want to want that application to interact with the S3 service, I have to give it permissions.', 'start': 1155.191, 'duration': 5.283}, {'end': 1163.396, 'text': 'And to give it permissions, I will use role.', 'start': 1161.255, 'duration': 2.141}, {'end': 1168.739, 'text': 'So I will create a role wherein I will specify that this role can access the S3 service.', 'start': 1163.456, 'duration': 5.283}, {'end': 1175.503, 'text': 'And I will attach this particular role to that particular EC2 instance in which my application is hosted.', 'start': 1169.179, 'duration': 6.324}, {'end': 1179.866, 'text': 'And in that case, my application will be able to interact with the S3 service.', 'start': 1175.964, 'duration': 3.902}, {'end': 1185.271, 'text': 'right. it might sound complicated, guys, but it is very easy to implement.', 'start': 1180.549, 'duration': 4.722}, {'end': 1186.711, 'text': 'let me show you how.', 'start': 1185.271, 'duration': 1.44}], 'summary': 'Users assigned to roles, roles assigned to applications for interaction. permissions given using roles for seamless interaction.', 'duration': 66.047, 'max_score': 1120.664, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1120664.jpg'}], 'start': 983.415, 'title': 'Access control in aws', 'summary': 'Explains the process of controlling access in aws, demonstrating the impact of assigning and revoking permissions on services such as s3 and ec2, ultimately showcasing how access can be controlled for different users. it also discusses the concept of iam roles, explaining their use in assigning permissions to applications, demonstrating the process of creating and attaching a role to an ec2 instance, and highlighting the seamless interaction between the application and the s3 service.', 'chapters': [{'end': 1097.952, 'start': 983.415, 'title': 'Access control in aws', 'summary': 'Explains the process of controlling access in aws, demonstrating the impact of assigning and revoking permissions on services such as s3 and ec2, ultimately showcasing how access can be controlled for different users.', 'duration': 114.537, 'highlights': ['Access to S3 and EC2 services The speaker demonstrates the impact of having access to S3 but not EC2, showing the specific error message when attempting to access a service without authorization.', 'Effect of permission changes The speaker showcases the impact of detaching a policy, leading to the denial of access to the S3 service, highlighting the direct effect of permission changes.', 'Control over user access The chapter concludes by emphasizing the ability to control access for different users, showcasing the practical implementation of access control in AWS.']}, {'end': 1324.542, 'start': 1097.972, 'title': 'Managing access with iam and roles', 'summary': 'Discusses the concept of iam roles, explaining their use in assigning permissions to applications, demonstrating the process of creating and attaching a role to an ec2 instance, and highlighting the seamless interaction between the application and the s3 service.', 'duration': 226.57, 'highlights': ['Demonstration of creating and attaching a role to an EC2 instance for seamless interaction with the S3 service The instructor demonstrates creating a role for an EC2 instance with Amazon S3 full access, attaching the role to the instance, and highlighting the seamless interaction between the application and the S3 service.', 'Explanation of assigning permissions to applications using roles for interaction with AWS services The chapter explains how roles are used to assign permissions to applications, demonstrating the process of specifying permissions for an application to interact with the S3 service using a role.', 'Clarification on the distinction between assigning roles to applications and users in IAM The instructor clarifies the distinction between assigning roles to applications and users in IAM, illustrating the role assignment to applications and users, providing clarity on the concept.']}], 'duration': 341.127, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM983415.jpg', 'highlights': ['Demonstration of creating and attaching a role to an EC2 instance for seamless interaction with the S3 service', 'Explanation of assigning permissions to applications using roles for interaction with AWS services', 'Control over user access and practical implementation of access control in AWS', 'Clarification on the distinction between assigning roles to applications and users in IAM', 'Effect of permission changes and the direct impact on access to the S3 service', 'Access to S3 and EC2 services and the specific error message when attempting unauthorized access']}, {'end': 1703.494, 'segs': [{'end': 1352.604, 'src': 'embed', 'start': 1324.742, 'weight': 0, 'content': [{'end': 1328.245, 'text': 'We are getting on to where do we actually use these keys and where do we not.', 'start': 1324.742, 'duration': 3.503}, {'end': 1337.992, 'text': 'Alright, so this is what your roles are all about, right? So roles, like I said, they are for resources in AWS.', 'start': 1328.265, 'duration': 9.727}, {'end': 1339.754, 'text': 'Users are for people.', 'start': 1338.673, 'duration': 1.081}, {'end': 1342.576, 'text': 'Roles and users are similar things.', 'start': 1340.434, 'duration': 2.142}, {'end': 1352.604, 'text': 'You attach policies onto them and they basically identify a particular instance or a particular person as the owner of that particular service,', 'start': 1342.776, 'duration': 9.828}], 'summary': 'Roles and users in aws are used to identify resources and people, with policies attached to them.', 'duration': 27.862, 'max_score': 1324.742, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1324742.jpg'}, {'end': 1405.065, 'src': 'embed', 'start': 1374.14, 'weight': 1, 'content': [{'end': 1380.124, 'text': "so that ec2 instance access is basically a policy that i'll be attaching to the user or to the rules.", 'start': 1374.14, 'duration': 5.984}, {'end': 1383.146, 'text': "all right, uh, let's see how we can create policies, guys.", 'start': 1380.124, 'duration': 3.022}, {'end': 1389.832, 'text': "so i'll go to my management console, i'll go to iam Right.", 'start': 1383.146, 'duration': 6.686}, {'end': 1395.417, 'text': 'so you can either create policies or you can actually use already existing ones.', 'start': 1389.832, 'duration': 5.585}, {'end': 1405.065, 'text': 'So there are a couple of policies that have already been created in your AWS account, but you can go ahead and create your own policy as well.', 'start': 1395.997, 'duration': 9.068}], 'summary': 'Creating ec2 instance access policy for users via iam console.', 'duration': 30.925, 'max_score': 1374.14, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1374140.jpg'}, {'end': 1623.624, 'src': 'embed', 'start': 1597.823, 'weight': 4, 'content': [{'end': 1602.621, 'text': 'so if I go to ec2, you can see it will not give me the access denied thing.', 'start': 1597.823, 'duration': 4.798}, {'end': 1610.486, 'text': 'So I can access all the instances over here as if I was using the root account, but only for the EC2 service.', 'start': 1603.242, 'duration': 7.244}, {'end': 1620.331, 'text': "If I go to S3, you can see I will still have the access denied page because I've not been assigned the access to this particular service.", 'start': 1611.106, 'duration': 9.225}, {'end': 1623.624, 'text': 'Alright, one more thing, guys.', 'start': 1621.223, 'duration': 2.401}], 'summary': 'Access to ec2 granted, but denied for s3.', 'duration': 25.801, 'max_score': 1597.823, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1597823.jpg'}, {'end': 1709.859, 'src': 'embed', 'start': 1682.805, 'weight': 2, 'content': [{'end': 1686.646, 'text': 'you either get the allow option or the deny option.', 'start': 1682.805, 'duration': 3.841}, {'end': 1691.529, 'text': "If you have selected both of them, it'll always prefer the least permission that you have given.", 'start': 1686.827, 'duration': 4.702}, {'end': 1693.89, 'text': 'So in our case, that is the deny option right?', 'start': 1691.569, 'duration': 2.321}, {'end': 1698.512, 'text': "So it'll always deny the case, even if you have allowed it in the same user right?", 'start': 1693.91, 'duration': 4.602}, {'end': 1703.494, 'text': 'If you have mentioned that that particular service has to be denied to that particular user.', 'start': 1698.572, 'duration': 4.922}, {'end': 1707.417, 'text': 'Alright, so this was about policies guys.', 'start': 1704.215, 'duration': 3.202}, {'end': 1709.859, 'text': 'Let me come back to my slide.', 'start': 1708.758, 'duration': 1.101}], 'summary': 'When both allow and deny options are selected, the system will always prefer deny, even if allow is also selected, as explained in the context of policies.', 'duration': 27.054, 'max_score': 1682.805, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1682805.jpg'}], 'start': 1324.742, 'title': 'Aws access control policies', 'summary': 'Covers aws roles, users, and policies, including creating policies in the iam management console, and managing access control policies by allowing and denying access to specific services with the concept of least privilege.', 'chapters': [{'end': 1473.891, 'start': 1324.742, 'title': 'Aws roles, users, and policies', 'summary': 'Discusses the roles and users in aws, their similarities, and the concept of policies as permissions, including a demonstration of creating policies in the iam management console.', 'duration': 149.149, 'highlights': ['The chapter discusses the roles and users in AWS, their similarities, and the concept of policies as permissions. Roles and users in AWS are discussed, emphasizing their similarities and the concept of policies as permissions for resources and people.', 'A demonstration of creating policies in the IAM management console is provided. The process of creating policies in the IAM management console is demonstrated, including adding permissions and attaching existing policies or creating new ones.']}, {'end': 1703.494, 'start': 1474.211, 'title': 'Managing access control policies in aws', 'summary': 'Discusses how to create and manage access control policies in aws, including allowing and denying access to specific services, highlighting the concept of least privilege and its implications for user access.', 'duration': 229.283, 'highlights': ["When creating access control policies in AWS, specifying 'allow' and 'deny' together in a group will result in the least permission being preferred, as demonstrated by allowing and denying EC2 access to a user, leading to the denial of access to EC2 despite the previous allowance. Demonstrates the concept of least privilege in access control policies by showing the result of combining 'allow' and 'deny' together, resulting in the least permission being preferred", "Creating an access policy in AWS involves specifying either 'allow' or 'deny' options, and if both are selected, the deny option will take precedence, as shown by the denial of EC2 access despite the previous allowance. Explains that when creating an access policy, the 'allow' and 'deny' options cannot be selected together, with the deny option taking precedence over the allow option if both are chosen", 'Demonstrates the process of granting and denying access to EC2 instances for a user in AWS, showcasing the steps involved in allowing and denying access to a specific service. Illustrates the steps involved in granting and denying access to a specific service, specifically EC2 instances, for a user in AWS']}], 'duration': 378.752, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1324742.jpg', 'highlights': ['The chapter discusses the roles and users in AWS, their similarities, and the concept of policies as permissions.', 'A demonstration of creating policies in the IAM management console is provided.', "Demonstrates the concept of least privilege in access control policies by showing the result of combining 'allow' and 'deny' together, resulting in the least permission being preferred.", "Explains that when creating an access policy, the 'allow' and 'deny' options cannot be selected together, with the deny option taking precedence over the allow option if both are chosen.", 'Illustrates the steps involved in granting and denying access to a specific service, specifically EC2 instances, for a user in AWS.']}, {'end': 2692.855, 'segs': [{'end': 1765.963, 'src': 'embed', 'start': 1741.843, 'weight': 0, 'content': [{'end': 1749.569, 'text': "You can configure your AWS account in such a way that you will enter your username, you'll enter your password and, when you click on login,", 'start': 1741.843, 'duration': 7.726}, {'end': 1754.533, 'text': "it'll also ask you for a code that has to be given to it.", 'start': 1749.569, 'duration': 4.964}, {'end': 1759.477, 'text': "Now that code is basically the multi-factor authentication thing that we're talking about.", 'start': 1754.994, 'duration': 4.483}, {'end': 1761.419, 'text': 'So there are basically two layers of security now.', 'start': 1759.498, 'duration': 1.921}, {'end': 1765.963, 'text': "One layer is a password and second layer becomes the code that you'll be entering right?", 'start': 1761.919, 'duration': 4.044}], 'summary': 'Configure aws account for two-layer security with username, password, and code for multi-factor authentication.', 'duration': 24.12, 'max_score': 1741.843, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1741843.jpg'}, {'end': 1834.248, 'src': 'embed', 'start': 1811.949, 'weight': 2, 'content': [{'end': 1819.996, 'text': 'You just have to download an application called Google Authenticator on your phone and you have to connect that application to your AWS account,', 'start': 1811.949, 'duration': 8.047}, {'end': 1820.576, 'text': 'and that is it.', 'start': 1819.996, 'duration': 0.58}, {'end': 1823.419, 'text': "Now it might sound tough, but it's very simple.", 'start': 1820.717, 'duration': 2.702}, {'end': 1824.139, 'text': 'Let me show you how.', 'start': 1823.439, 'duration': 0.7}, {'end': 1834.248, 'text': 'So you will basically go to your AWS management console and you will go to the particular user that you want that multi-factor authentication to be assigned to.', 'start': 1824.8, 'duration': 9.448}], 'summary': 'Enable multi-factor authentication for aws user via google authenticator app', 'duration': 22.299, 'max_score': 1811.949, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1811949.jpg'}, {'end': 2268.766, 'src': 'embed', 'start': 2243.082, 'weight': 4, 'content': [{'end': 2248.065, 'text': 'so let me show you, without the secret key and access key, how is this localhost website functioning?', 'start': 2243.082, 'duration': 4.983}, {'end': 2257.961, 'text': "So if I try to upload a file as of now, say this is the file that I want to upload, I'll click on upload image and I'll get an error right?", 'start': 2248.225, 'duration': 9.736}, {'end': 2262.863, 'text': 'Because it is not authenticating itself to the service that I want to go to.', 'start': 2258.001, 'duration': 4.862}, {'end': 2268.766, 'text': "So now I'll add the credentials, that is the key and the secret key.", 'start': 2264.484, 'duration': 4.282}], 'summary': "Demonstrated localhost website's file upload error without credentials, then added key and secret key to authenticate.", 'duration': 25.684, 'max_score': 2243.082, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM2243082.jpg'}, {'end': 2602.038, 'src': 'embed', 'start': 2555.014, 'weight': 5, 'content': [{'end': 2563.177, 'text': 'Now, before ending the session, let me quickly show you, if you are keen to learn AWS, we have quite a few resources on AWS that you can go through.', 'start': 2555.014, 'duration': 8.163}, {'end': 2570.44, 'text': 'So, on YouTube, we have a playlist on AWS which has around 47 videos for you right?', 'start': 2563.758, 'duration': 6.682}, {'end': 2575.442, 'text': 'So if you want to learn more about AWS, you can go through these AWS videos and learn more.', 'start': 2570.5, 'duration': 4.942}, {'end': 2583.367, 'text': 'any doubts that you have among any of the videos, you can put it in the comment box and we will reply as soon as possible.', 'start': 2575.922, 'duration': 7.445}, {'end': 2587.29, 'text': 'alright, if you are into reading, we also have a blogging section on AWS.', 'start': 2583.367, 'duration': 3.923}, {'end': 2596.035, 'text': 'you can go through the blogs and get an introduction to AWS and if you are interested to get certified in AWS,', 'start': 2587.29, 'duration': 8.745}, {'end': 2602.038, 'text': 'we also happen to offer a course right and you can go through the course details here.', 'start': 2596.035, 'duration': 6.003}], 'summary': 'Access 47 aws videos on youtube and aws blogs for learning. also, a course is available for aws certification.', 'duration': 47.024, 'max_score': 2555.014, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM2555014.jpg'}], 'start': 1704.215, 'title': 'Aws security and learning resources', 'summary': 'Covers aws multi-factor authentication, its setup process, configuring iam and ec2 for credential management, and various learning resources including 47 youtube videos, blogging section, and flexible batch timings for a course.', 'chapters': [{'end': 1811.909, 'start': 1704.215, 'title': 'Aws multi-factor authentication', 'summary': 'Discusses the concept of multi-factor authentication in aws, which involves using a username, password, and an additional code for enhanced security, and provides examples of virtual multi-factor authentication devices like google authenticator and jamalto.', 'duration': 107.694, 'highlights': ['Multi-factor authentication in AWS involves using a username, password, and an additional code for enhanced security, similar to the OTP used in Gmail login.', 'The additional code for multi-factor authentication adds a second layer of security to the login process.', 'AWS provides the option to create a virtual multi-factor authentication device using the Google Authenticator application for added security.', 'For those familiar with using Jamalto tokens for network connections in companies, a simpler alternative is to create a virtual multi-factor authentication device in AWS.']}, {'end': 2211.66, 'start': 1811.949, 'title': 'Aws multi-factor authentication setup', 'summary': 'Explains the process of setting up multi-factor authentication (mfa) on aws, demonstrating the steps to connect google authenticator to the aws account, highlighting the ease of the process and the enhanced security it provides.', 'duration': 399.711, 'highlights': ['The process of setting up multi-factor authentication (MFA) on AWS is explained, demonstrating the steps to connect Google Authenticator to the AWS account. Demonstrates the steps to connect Google Authenticator to the AWS account, highlighting the ease of the process.', 'The chapter emphasizes the enhanced security achieved through the multi-factor authentication (MFA) setup, providing world-class security with the click of a button using IAM. Emphasizes the enhanced security achieved through the MFA setup, providing world-class security with the click of a button using IAM.', 'A demonstration of uploading files to the S3 console using a localhost application and the process of accessing the S3 service with and without the access keys is presented. Demonstration of uploading files to the S3 console using a localhost application and the process of accessing the S3 service with and without the access keys.']}, {'end': 2554.634, 'start': 2212.321, 'title': 'Configuring iam and ec2 for credential management', 'summary': 'Demonstrates the process of configuring iam and ec2, including obtaining and using access keys, attaching roles, and the impact of credential management on website functionality and error handling.', 'duration': 342.313, 'highlights': ['Obtaining and using access keys for authentication, enabling successful file uploads on a localhost website.', 'Attaching and detaching roles to an EC2 instance, impacting the ability to upload files and demonstrating the impact of credential management on website functionality.', 'Explanation of accessing keys from metadata of EC2 when not mentioned in the code, simplifying the process of credential management and deployment to EC2.']}, {'end': 2692.855, 'start': 2555.014, 'title': 'Aws learning resources and course details', 'summary': 'Highlights various resources for learning aws, including 47 videos on youtube, blogging section, and flexible batch timings for a course, along with the option to receive live notifications for sessions.', 'duration': 137.841, 'highlights': ['Edureka offers around 47 AWS videos on YouTube for learning AWS.', 'Edureka provides a blogging section for an introduction to AWS.', 'Edureka offers a course for getting certified in AWS with flexible batch timings.', 'Edureka provides an option for live notifications for YouTube sessions.', 'Edureka encourages subscribing to their YouTube channel for updates on AWS videos.']}], 'duration': 988.64, 'thumbnail': 'https://coursnap.oss-ap-southeast-1.aliyuncs.com/video-capture/UqKWHZ36yEM/pics/UqKWHZ36yEM1704215.jpg', 'highlights': ['Multi-factor authentication in AWS involves using a username, password, and an additional code for enhanced security, similar to the OTP used in Gmail login.', 'The additional code for multi-factor authentication adds a second layer of security to the login process.', 'The process of setting up multi-factor authentication (MFA) on AWS is explained, demonstrating the steps to connect Google Authenticator to the AWS account.', 'Emphasizes the enhanced security achieved through the MFA setup, providing world-class security with the click of a button using IAM.', 'Obtaining and using access keys for authentication, enabling successful file uploads on a localhost website.', 'Edureka offers around 47 AWS videos on YouTube for learning AWS.', 'Edureka provides a course for getting certified in AWS with flexible batch timings.']}], 'highlights': ['IAM consists of four main components: users, groups, roles, and policies, each serving specific functions in managing access and permissions within AWS.', 'The process of creating and logging into a new user account.', 'Demonstration of creating and attaching a role to an EC2 instance for seamless interaction with the S3 service', 'Multi-factor authentication in AWS involves using a username, password, and an additional code for enhanced security, similar to the OTP used in Gmail login.', 'Edureka offers around 47 AWS videos on YouTube for learning AWS.']}