Friday, June 19, 2026

AWS Details about IAM policies and Roles

# AWS IAM for Generative AI Applications (AWS Developer AI Certification Notes)


For the certification exam, think of IAM not merely as a user-management service but as the **security foundation that controls every interaction in a GenAI architecture**: every call between components is authorized by an IAM policy, or it fails.


Consider a simple Bedrock application:


```text

User

  |

API Gateway

  |

Lambda

  |

Amazon Bedrock

  |

Foundation Model

```


Every arrow in the diagram requires permissions.


The user needs permission to invoke the API.


The Lambda function needs permission to invoke Bedrock.


Bedrock itself may need permission to read S3, write to a Knowledge Base vector store, apply Guardrails, or write logs to CloudWatch. It gets those permissions through a service role that you create and that Bedrock assumes on your behalf.


IAM is the service that governs all these interactions.


---


# What is IAM?


AWS Identity and Access Management (IAM) is the service that enables:


### Authentication


Who are you?


Examples:


* IAM User

* IAM Role

* Federated User

* IAM Identity Center User


---


### Authorization


What are you allowed to do?


Examples:


```json

{

  "Effect":"Allow",

  "Action":"bedrock:InvokeModel",

  "Resource":"*"

}

```


This determines whether an action succeeds or fails.


---


# IAM Building Blocks


Think of IAM as five layers:


```text

Users

Groups

Roles

Policies

Identity Providers

```


---


# IAM Users


IAM Users represent a person or application that needs direct AWS access.


Examples:


* Developer

* Administrator

* DevOps Engineer


An IAM User consists of:

```text
Username
Console password (optional)
Access key ID + secret access key (optional, for programmatic access)
```

Both credential types are long-term: they do not expire until you rotate or delete them, which is why leaked user keys are so damaging.


Historically many applications used IAM Users.


Modern AWS architecture prefers IAM Roles.


---


## Certification Tip


Exam questions frequently test:


**Never embed IAM User access keys inside applications.**


Bad:


```python

aws_access_key="ABC123"

aws_secret="XYZ456"

```


Good:


```text

EC2 Instance Role

Lambda Execution Role

ECS Task Role

```
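A check for the mistake above, added here as an example (it is not code from the original notes): a scanner that flags long-term credentials embedded in source text. Real access key IDs have a fixed public shape (AKIA for IAM user keys, ASIA for temporary STS keys), so the placeholder "ABC123" in the bad example would not be caught by any scanner; the sample source below is constructed and uses the placeholder key pair from AWS documentation.

```python
import re

# Added example, not from the original notes. Access key IDs have a public,
# fixed shape (AKIA... = IAM user key, ASIA... = temporary STS key); secret
# keys are 40 characters, so they are matched only next to a "secret" name to
# keep false positives down.
ACCESS_KEY_ID_RE = re.compile(r"\b((?:AKIA|ASIA)[0-9A-Z]{16})\b")
SECRET_KEY_RE = re.compile(
    r"(?i)(?:aws_?)?secret(?:_?access)?(?:_?key)?\W{0,5}([A-Za-z0-9/+=]{40})(?![A-Za-z0-9/+=])"
)


def scan_source(text: str) -> list:
    """Return one finding per embedded credential, with the value redacted."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in ACCESS_KEY_ID_RE.finditer(line):
            key_id = match.group(1)
            findings.append({"line": lineno, "kind": "access_key_id",
                             "long_term": key_id.startswith("AKIA"),   # ASIA keys expire on their own
                             "value": key_id[:4] + "..." + key_id[-4:]})
        for match in SECRET_KEY_RE.finditer(line):
            findings.append({"line": lineno, "kind": "secret_access_key",
                             "long_term": True, "value": "[redacted]"})
    return findings


def has_long_term_credentials(text: str) -> bool:
    """True when a non-expiring IAM user credential is embedded in the text."""
    return any(f["long_term"] for f in scan_source(text))


# Constructed sample. The key pair is the placeholder pair from AWS
# documentation, not a live credential.
SAMPLE_SOURCE = '''\
import boto3
aws_access_key = "AKIAIOSFODNN7EXAMPLE"
aws_secret = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
client = boto3.client("bedrock-runtime")  # the fix: no keys, the SDK uses the execution role
'''

if __name__ == "__main__":
    for finding in scan_source(SAMPLE_SOURCE):
        print(finding)
```

Run it as a pre-commit hook or in CI; a hit on an AKIA key means the key must be rotated in IAM, not just removed from the code, because it is already in the repository history.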


---


# IAM Groups


Groups simplify permission management.


Example:


```text

Developers

├── John

├── Alice

├── Bob

```


Attach:

```text
AmazonBedrockReadOnly
```

(the AWS managed policy) to the group.

Every user in the group receives the policy's permissions. Groups cannot be nested, and a group is not a principal: you cannot name a group in a role trust policy or a resource policy, only its users.


---


# IAM Roles


Roles are the most important IAM concept for GenAI architectures.


A role is an identity with permissions but no long-term credentials. A principal (a service such as Lambda, a user, or a federated identity) assumes it through AWS STS and receives temporary credentials that expire after the session duration.

Every role has two policy documents: a trust policy, which says who may assume the role, and one or more permissions policies, which say what the role may do.

Unlike users:

```text
IAM User
    Permanent credentials

IAM Role
    Temporary credentials (STS), trust policy + permissions policy
```
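The two halves of a role side by side, as an added example (not from the original notes): a Lambda execution role's trust and permissions policies, a Bedrock service-role trust policy pinned to the owning account, and a small audit that flags the trust-policy mistakes a reviewer looks for. All policy documents, the account IDs and the model ID are constructed placeholders.

```python
# Added example, not from the original notes. A role has two policy documents:
# a trust policy (who may assume it) and permissions policies (what it may do).
# Everything below is a constructed placeholder (account 123456789012).

OWN_ACCOUNT = "123456789012"

# Trust policy of a Lambda execution role: only the Lambda service may assume it.
LAMBDA_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "lambda.amazonaws.com"},
        "Action": "sts:AssumeRole",
    }],
}

# Permissions policy of the same role: what the function can do once it holds
# the role's temporary credentials. Scoped to one model, not "*".
LAMBDA_PERMISSIONS_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": "bedrock:InvokeModel",
        "Resource": "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-3-haiku-20240307-v1:0",
    }],
}

# Trust policy for a Bedrock service role (e.g. a Knowledge Base role), pinned
# to this account and its knowledge bases so a Bedrock resource in another
# account cannot borrow the role (confused-deputy prevention).
BEDROCK_SERVICE_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": "bedrock.amazonaws.com"},
        "Action": "sts:AssumeRole",
        "Condition": {
            "StringEquals": {"aws:SourceAccount": OWN_ACCOUNT},
            "ArnLike": {"aws:SourceArn": f"arn:aws:bedrock:us-east-1:{OWN_ACCOUNT}:knowledge-base/*"},
        },
    }],
}

# Two trust policies that should fail review.
OPEN_TRUST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]}
CROSS_ACCOUNT_TRUST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::999999999999:root"}, "Action": "sts:AssumeRole"}]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_trust_policy(policy: dict, own_account: str = OWN_ACCOUNT) -> list:
    """Return (severity, finding) pairs for a role trust policy; empty means nothing flagged."""
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        condition_keys = {key.lower() for pairs in stmt.get("Condition", {}).values() for key in pairs}
        principal = stmt.get("Principal", {})
        if principal == "*":                       # shorthand for {"AWS": "*"}
            principal = {"AWS": "*"}
        for kind, values in principal.items():
            for value in _as_list(values):
                if value == "*":
                    findings.append(("high", f"{kind} principal '*': any AWS principal can assume this role"))
                elif kind == "AWS":
                    account = value.split(":")[4] if value.startswith("arn:") else value
                    if account != own_account and "sts:externalid" not in condition_keys:
                        findings.append(("medium", f"cross-account trust for {value} without an sts:ExternalId condition"))
                elif kind == "Service" and not condition_keys & {"aws:sourcearn", "aws:sourceaccount"}:
                    # Low: AWS's default Lambda trust policy omits this; add it on sensitive roles.
                    findings.append(("low", f"service principal {value} not pinned with aws:SourceArn/aws:SourceAccount"))
    return findings


if __name__ == "__main__":
    for name, policy in [("lambda", LAMBDA_TRUST_POLICY), ("bedrock", BEDROCK_SERVICE_TRUST_POLICY),
                         ("open", OPEN_TRUST_POLICY), ("cross-account", CROSS_ACCOUNT_TRUST_POLICY)]:
        print(name, audit_trust_policy(policy))
```

The audit looks only at the trust side; the permissions side is what the rest of these notes cover. The point to remember for the exam is that both documents must be right: a perfectly scoped permissions policy on a role that anyone can assume is still a breach waiting to happen.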


---


## Why Roles Matter


Without a role:


```text

Lambda

   |

   X

   |

Bedrock

```


Access denied.


With a role:


```text

Lambda

  |

Execution Role

  |

Bedrock

```


Access granted.


---


# Lambda → Bedrock Example


Suppose the Lambda function calls the Bedrock runtime:

```python
import boto3

# No keys in code: the SDK picks up the execution role's temporary credentials
client = boto3.client("bedrock-runtime")
response = client.invoke_model(modelId=model_id, body=request_body)  # model_id and request_body are set by the caller
```

The function has no credentials of its own; its execution role is its identity, so that role's permissions policy must allow:

```json
{
  "Effect": "Allow",
  "Action": [
    "bedrock:InvokeModel"
  ],
  "Resource": "*"
}
```

Without it the call fails with:

```text
AccessDeniedException
```

Two practitioner notes: streaming calls (`invoke_model_with_response_stream`, `converse_stream`) additionally need `bedrock:InvokeModelWithResponseStream`, and `"Resource": "*"` lets the role call every model enabled in the account, so scope it to the model ARN instead.


---


# IAM Policies


Policies define permissions.


Policies are JSON documents.


Example:


```json

{

  "Version":"2012-10-17",

  "Statement":[

    {

      "Effect":"Allow",

      "Action":"bedrock:InvokeModel",

      "Resource":"*"

    }

  ]

}

```


---


# Policy Components


### Effect

```text
Allow
Deny
```

Evaluation order: an explicit Deny in any applicable policy wins over every Allow; if no statement allows the action, it is denied by default (implicit deny).


---


### Action


What operation?


Examples:


```text

bedrock:InvokeModel

s3:GetObject

lambda:InvokeFunction

```


---


### Resource

Which resource?

Example:

```text
Specific S3 bucket
Specific Lambda
Specific Bedrock model
```

Resources are named by ARN. A foundation model ARN has the form arn:aws:bedrock:<region>::foundation-model/<model-id>, with an empty account field because the model is AWS-owned; a knowledge base is arn:aws:bedrock:<region>:<account>:knowledge-base/<id>.


---


### Condition

Additional restrictions, expressed as an operator applied to a request context key.

Example:

```text
Only from a specific IP       (IpAddress on aws:SourceIp)
Only during business hours    (DateGreaterThan / DateLessThan on aws:CurrentTime)
Only from a specific VPC      (StringEquals on aws:SourceVpc or aws:SourceVpce)
```

Caveat: aws:SourceIp is not present for requests that arrive through a VPC endpoint or that an AWS service makes on your behalf, so a Deny keyed on it can block more than intended.
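The four components in action, as an added example that is not from the original notes: a minimal model of how IAM evaluates identity-based policies for one request, covering what the exam tests (explicit Deny beats Allow, implicit deny when nothing matches, wildcards in Action and Resource, and a few condition operators). It deliberately omits NotAction/NotResource, the ...IfExists and negated operators, SCPs, permission boundaries, and resource and session policies. The policies, model, bucket, VPC and IP range are constructed placeholders.

```python
import ipaddress
import re

# Added example, not from the original notes: a minimal model of IAM
# identity-policy evaluation. Not modelled: NotAction/NotResource,
# ...IfExists and negated operators, SCPs, permission boundaries,
# resource and session policies.


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _wildcard_match(pattern: str, value: str, case_insensitive: bool = False) -> bool:
    # IAM wildcards: "*" any run of characters, "?" exactly one character.
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    flags = re.IGNORECASE if case_insensitive else 0
    return re.fullmatch(regex, value, flags) is not None


def _condition_holds(condition: dict, context: dict) -> bool:
    for operator, pairs in condition.items():
        for key, wanted in pairs.items():
            actual = context.get(key)
            if actual is None:          # key absent from the request context: condition fails
                return False
            wanted = _as_list(wanted)
            if operator == "StringEquals":
                ok = actual in wanted
            elif operator == "StringLike":
                ok = any(_wildcard_match(w, actual) for w in wanted)
            elif operator == "IpAddress":
                ok = any(ipaddress.ip_address(actual) in ipaddress.ip_network(w, strict=False) for w in wanted)
            elif operator == "Bool":
                ok = str(actual).lower() == str(wanted[0]).lower()
            else:
                raise ValueError(f"operator not modelled: {operator}")
            if not ok:
                return False
    return True


def evaluate(policies: list, action: str, resource: str, context: dict = None) -> str:
    """Return 'Allow', 'ExplicitDeny' or 'ImplicitDeny' for one action on one resource."""
    context = context or {}
    allowed = False
    for policy in policies:
        for stmt in policy["Statement"]:
            # Action names are case-insensitive in IAM; ARNs are matched as written.
            if not any(_wildcard_match(a, action, True) for a in _as_list(stmt.get("Action", []))):
                continue
            if not any(_wildcard_match(r, resource) for r in _as_list(stmt.get("Resource", []))):
                continue
            if "Condition" in stmt and not _condition_holds(stmt["Condition"], context):
                continue
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"   # an explicit Deny ends evaluation
            allowed = True
    return "Allow" if allowed else "ImplicitDeny"


# Constructed policies (placeholder model, bucket, VPC and IP range).
MODEL_ARN = "arn:aws:bedrock:us-east-1::foundation-model/anthropic.claude-3-haiku-20240307-v1:0"

LAMBDA_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream"],
     "Resource": MODEL_ARN},
    {"Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::genai-docs/*",
     "Condition": {"StringEquals": {"aws:SourceVpc": "vpc-0abc1234567890def"}}},
]}

# A developer identity: broad Bedrock access, but only from the office range ...
DEVELOPER_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "bedrock:*", "Resource": "*",
     "Condition": {"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}},
]}
# ... plus a guardrail that no Allow can override.
DENY_DELETES = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Deny", "Action": "bedrock:Delete*", "Resource": "*"},
]}

if __name__ == "__main__":
    print(evaluate([LAMBDA_POLICY], "bedrock:InvokeModel", MODEL_ARN))
    print(evaluate([DEVELOPER_POLICY, DENY_DELETES], "bedrock:DeleteCustomModel",
                   "arn:aws:bedrock:us-east-1:123456789012:custom-model/demo",
                   {"aws:SourceIp": "203.0.113.7"}))
```

For real policies use the IAM policy simulator (SimulatePrincipalPolicy) rather than a home-grown evaluator; the value of the model above is seeing why a request lands in each of the three outcomes.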


---


# Principle of Least Privilege


One of the most tested concepts.


Bad:


```json

{

  "Action":"*",

  "Resource":"*"

}

```


Good:


```json

{

  "Action":"bedrock:InvokeModel",

  "Resource":"arn:aws:bedrock:..."

}

```


Give only the permissions required, on only the resources required. With `"Resource": "*"` on `bedrock:InvokeModel`, a compromised Lambda role can call every model enabled in the account, including more expensive or unapproved ones; with the model ARN it can call exactly one.


---


# IAM in Bedrock Architectures


## Scenario 1


Lambda invokes Bedrock


Required:


```text

Role attached to Lambda

```


Permissions:


```text

bedrock:InvokeModel

```


---


## Scenario 2

Knowledge Base ingests documents from S3

Required:

```text
Knowledge Base service role (trusted by bedrock.amazonaws.com)
```

Permissions:

```text
s3:GetObject, s3:ListBucket    on the source bucket
bedrock:InvokeModel            on the embedding model
write access to the vector store (e.g. aoss:APIAccessAll plus a data access policy for OpenSearch Serverless)
kms:Decrypt                    if the bucket uses SSE-KMS
```


---


## Scenario 3

Agent invokes Lambda Tool

Required:

```text
Resource-based policy on the Lambda function
Bedrock Agent service role (for the agent's model)
```

Permissions:

```text
lambda:InvokeFunction   granted on the function to the bedrock.amazonaws.com service principal,
                        scoped with aws:SourceArn to the agent's ARN
bedrock:InvokeModel     in the agent role, on the model the agent reasons with
```

The agent does not carry lambda:InvokeFunction in its own role; the function's resource policy is what lets the Bedrock service call it.


---


## Scenario 4

Agent queries a Knowledge Base

Required:

```text
Bedrock Agent service role
```

Permissions:

```text
bedrock:Retrieve   on the knowledge base ARN
```


---


# Identity Providers (IdP)


Large enterprises usually do NOT create thousands of IAM users.


Instead:


```text

Microsoft Entra ID

Okta

Ping Identity

Google Workspace

```


act as Identity Providers.


Users sign in using corporate credentials.


---


# Federation


Authentication:


```text

Corporate Login

     |

Identity Provider

     |

AWS

```


AWS STS issues temporary credentials for a role (AssumeRoleWithSAML for SAML 2.0 providers, AssumeRoleWithWebIdentity for OIDC providers).

No AWS passwords or long-term access keys are created.


---


# IAM Identity Center


Formerly:


```text

AWS SSO

```


Provides centralized workforce authentication.


Useful for:


* Employees

* Contractors

* Enterprise Users


---


## Example


Employee logs into:


```text

Amazon Q Business

```


IAM Identity Center validates:


```text

User

Group Membership

Application Access

```


before allowing access.


---


# IAM Roles in AI Systems


Very common exam architecture:


```text

User

 |

API Gateway

 |

Lambda

 |

Bedrock

 |

Knowledge Base

 |

S3

```


Roles involved:


### Lambda Execution Role


```text

Invoke Bedrock

```


---


### Knowledge Base Role

```text
Read S3 (s3:GetObject, s3:ListBucket)
Invoke the embedding model (bedrock:InvokeModel)
Write embeddings to the vector store
```

---

### Bedrock Agent Role

```text
Invoke the agent's model (bedrock:InvokeModel)
Query the KB (bedrock:Retrieve)
```

Lambda tools are authorized on the function side: a resource-based policy on each function grants lambda:InvokeFunction to bedrock.amazonaws.com, scoped to the agent with aws:SourceArn.


---


# IAM Access Analyzer


A commonly overlooked exam topic.


Access Analyzer provides:

* External access findings: resources (S3 buckets, KMS keys, roles, Lambda functions) shared outside your zone of trust, including public access
* Unused access findings: roles, access keys and permissions that have not been used
* Policy validation: checks a policy against the IAM grammar and best practices before you attach it
* Policy generation: builds a least-privilege policy from the actions a role actually made, as recorded in CloudTrail

Example:

```text
S3 Bucket
```

accidentally shared externally.

Access Analyzer detects it and reports which external principal was granted access.
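How policy generation ties Access Analyzer back to least privilege, as an added example that is not from the original notes and not Access Analyzer's own code: a simplified stand-in that derives an Allow policy from observed activity and lists the permissions in the attached policy that were never used. The CloudTrail-style records are constructed and trimmed to the fields the code reads; the bucket, model, role and region are placeholders.

```python
from collections import defaultdict

# Added example, not from the original notes and not Access Analyzer's own code:
# a simplified stand-in for its "generate policy from CloudTrail activity"
# feature. Events are constructed and trimmed to the fields used here; the
# bucket, model and region are placeholders.
SAMPLE_EVENTS = [
    {"eventSource": "bedrock.amazonaws.com", "eventName": "InvokeModel", "awsRegion": "us-east-1",
     "requestParameters": {"modelId": "anthropic.claude-3-haiku-20240307-v1:0"}},
    {"eventSource": "bedrock.amazonaws.com", "eventName": "InvokeModel", "awsRegion": "us-east-1",
     "requestParameters": {"modelId": "anthropic.claude-3-haiku-20240307-v1:0"}},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "resources": [{"ARN": "arn:aws:s3:::genai-docs/handbook.pdf"}]},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "resources": [{"ARN": "arn:aws:s3:::genai-docs/faq.pdf"}]},
    {"eventSource": "s3.amazonaws.com", "eventName": "ListObjectsV2",
     "resources": [{"ARN": "arn:aws:s3:::genai-docs"}]},
]

# The policy currently attached to the role, for comparison (constructed).
ATTACHED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Action": ["bedrock:InvokeModel", "bedrock:InvokeModelWithResponseStream",
                "s3:GetObject", "s3:ListBucket", "s3:PutObject"],
     "Resource": "*"},
]}

# CloudTrail event names are API names, which do not always equal IAM action names.
EVENT_TO_ACTION = {
    ("s3", "ListObjects"): "s3:ListBucket",
    ("s3", "ListObjectsV2"): "s3:ListBucket",
    ("s3", "HeadObject"): "s3:GetObject",
}


def _action_for(event: dict) -> str:
    service = event["eventSource"].split(".")[0]
    return EVENT_TO_ACTION.get((service, event["eventName"]), f"{service}:{event['eventName']}")


def _resource_for(event: dict) -> str:
    params = event.get("requestParameters", {})
    if event["eventSource"].startswith("bedrock.") and "modelId" in params:
        # Foundation model ARNs have an empty account field: the models are AWS-owned.
        return f"arn:aws:bedrock:{event['awsRegion']}::foundation-model/{params['modelId']}"
    arns = [r["ARN"] for r in event.get("resources", [])]
    if not arns:
        return "*"
    arn = arns[0]
    if arn.startswith("arn:aws:s3:::") and "/" in arn[len("arn:aws:s3:::"):]:
        # Collapse object keys to the bucket so one statement covers all objects.
        return arn.split("/", 1)[0] + "/*"
    return arn


def generate_policy(events: list) -> dict:
    """Build the smallest Allow policy that covers the observed activity."""
    resources_by_action = defaultdict(set)
    for event in events:
        resources_by_action[_action_for(event)].add(_resource_for(event))
    actions_by_resources = defaultdict(list)      # merge actions that share a resource set
    for action, resources in resources_by_action.items():
        actions_by_resources[tuple(sorted(resources))].append(action)
    statements = []
    for resources, actions in sorted(actions_by_resources.items()):
        statements.append({"Effect": "Allow", "Action": sorted(actions),
                           "Resource": list(resources) if len(resources) > 1 else resources[0]})
    return {"Version": "2012-10-17", "Statement": statements}


def unused_actions(attached: dict, events: list) -> list:
    """Actions granted by the attached policy that never appear in the activity."""
    used = {a for stmt in generate_policy(events)["Statement"] for a in stmt["Action"]}
    granted = {a for stmt in attached["Statement"] if stmt["Effect"] == "Allow"
               for a in (stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]])}
    return sorted(granted - used)


if __name__ == "__main__":
    import json
    print(json.dumps(generate_policy(SAMPLE_EVENTS), indent=2))
    print("unused:", unused_actions(ATTACHED_POLICY, SAMPLE_EVENTS))
```

The output policy is a starting point, not a finished one: an action that was never exercised during the observation window (a streaming call path, a rarely used model) would be missing, which is why Access Analyzer's generated policies are reviewed before they replace the attached one.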


---


# IAM Credential Types


### Long-Term Credentials


Used by:


```text

IAM Users

```


Examples:


* Passwords

* Access Keys


---


### Temporary Credentials


Used by:


```text

IAM Roles

Federated Users

```


Preferred approach.


---


# Common AWS Developer AI Exam Scenarios


### Scenario 1


Lambda cannot invoke Bedrock.

Most likely:

```text
Missing IAM Role
or
Missing bedrock:InvokeModel permission (or bedrock:InvokeModelWithResponseStream for streaming)
```

Confirm with the CloudTrail record (errorCode AccessDenied on InvokeModel) or the IAM policy simulator. Also check that the model is available in that Region and account, because Bedrock reports that as an AccessDeniedException too.


---


### Scenario 2


Bedrock Agent cannot call Lambda tool.

Most likely:

```text
The function's resource-based policy does not grant lambda:InvokeFunction
to the bedrock.amazonaws.com service principal
(or its aws:SourceArn condition does not match the agent's ARN)
```


---


### Scenario 3


Knowledge Base ingestion fails.

Most likely:

```text
Knowledge Base Role
cannot read S3 documents
(missing s3:GetObject / s3:ListBucket, a bucket policy that excludes the role,
or missing kms:Decrypt when the bucket uses SSE-KMS)
```


---


### Scenario 4


Enterprise users should log in using corporate credentials.


Best solution:


```text

IAM Identity Center

```


not thousands of IAM Users.


---

