Skip to main content
Back to junior questions
junior
beginner
Cloud

Cloud IAM Basics

Question

What is IAM in cloud computing? Explain the concepts of users, roles, and policies.

Answer

IAM (Identity and Access Management) controls who can access cloud resources and what they can do. Users are individual identities (people or services). Roles are sets of permissions that can be assumed temporarily. Policies are JSON documents that define what actions are allowed or denied on which resources. The principle of least privilege means giving only the minimum permissions needed.

Why This Matters

IAM is the security foundation of cloud infrastructure. Misconfigured IAM is one of the top causes of cloud breaches. DevOps engineers must understand IAM to set up secure CI/CD pipelines, manage service accounts, and follow security best practices.

Code Examples

Example AWS IAM Policy

json

AWS CLI IAM commands

bash
Common Mistakes
  • Using root account for daily operations
  • Granting overly permissive policies like AdministratorAccess
  • Hardcoding credentials instead of using roles
Follow-up Questions
Interviewers often ask these as follow-up questions
  • What is the principle of least privilege?
  • When would you use a role instead of a user?
  • What is the difference between identity-based and resource-based policies?
Tags
iam
cloud
security
aws
permissions
View all junior questions