Closed coultergeist closed 5 years ago
Introduction video about AWS IAM https://www.aws.training/learningobject/video?id=16448.
AWS IAM features: 1.Enhanced security IAM enables security best practices by allowing you to grant unique security credentials to users and groups to specify which AWS service APIs and resources they can access. IAM is secure by default; users have no access to AWS resources until permissions are explicitly granted.
Granular control IAM provides the granularity to control a user’s access to specific AWS services and resources using permissions. For example, terminating EC2 instances or reading the contents of an Amazon S3 bucket.
Temporary credentials In addition to defining access permissions directly to users and groups, IAM lets you create roles. Roles allow you to define a set of permissions and then let authenticated users or EC2 instances assume them, getting temporary access to the resources you define.
Flexible security credential management IAM allows you to authenticate users in several ways, depending on how they want to use AWS services. You can assign a range of security credentials including passwords, key pairs, and X.509 certificates. You can also enforce multi-factor authentication (MFA) on users who access the AWS Management Console or use APIs.
Successfully add the Google OAuth2 to the test page. It allow user to use their google account to login. If login success, user can find the following information in console: Google ID, User name, User's profile photo, User's email, and the message from Jon's API.
gauthlogintest.html
Successfully add the Facebook auth to the test page. It allow user to use their facebook account to login. If login success, user can find the following information in console: Login status. And it will output the message from Jon's API on screen.
fbtest.zip fbtest.html
Projected Time: 10 hrs Actual Time: 8 hrs First, I did lots of research about Facebook OAuth and Google OAuth2. Both Facebook and Google provide tutorials about how to setup in facebook app dashboard and google api console with the developer account. I added Erik's function to both test pages, if user successfully use their facebook or google account login, the message from Jon's API will show up.
Facebook Login: https://developers.facebook.com/docs/facebook-login/web/ Google Login:https://developers.google.com/identity/sign-in/web/sign-in
Yitong: Authenticate/Pass Auth to API IAM permissions, permissions to access API based on user, Admin, Super Admin (Identity and Access Management)
Projected Time: Actual Time: