AWS Cloud Quest: Security - Securing Your Servers

Use IAM role and policies to grant least privilege to AWS resources. Practice Lab Goals 1. Create and IAM policy and IAM role that will give the ERP application least privilege permissions 2. Attach the IAM role to the EC2 instance hosting the application 3. Test the new permissions by uploading an image file to the application 4. Test the Lambda function by verifying that the contents of the file were written to a DynamoDB table DIY 1. Add the S3DeleteObject permission to the ec2_app_policy in IAM 2. Create a new IAM role 3. Attach the ec2_app_policy to the role 4. Attach the newly created role to the Compliance-Server EC2 instance