ЁЯСд Identity and Access Management (IAM)
ЁЯУМ What is IAM?
Identity and Access Management is a framework that manages digital identities and controls user access to systems and resources.
IAM рдХрд╛ рдорддрд▓рдм рд╣реИ users рдХреА рдкрд╣рдЪрд╛рди manage рдХрд░рдирд╛ рдФрд░ рдЙрдирдХреЗ access рдХреЛ control рдХрд░рдирд╛ред
ЁЯза Why IAM is Important
Organizations have:
- Employees
- Customers
- Vendors
Each needs different access levels.
IAM ensures:
- Right person gets right access
- Access is controlled and monitored
ЁЯФС Core Components of IAM
Identity
Represents a user in the system.
Identity рдХрд╛ рдорддрд▓рдм рд╣реИ system рдореЗрдВ user рдХреА рдкрд╣рдЪрд╛рдиред
Authentication
Verifying identity.
Authorization
Defining access permissions.
Access Control
Enforcing policies to restrict access.
ЁЯФД IAM Lifecycle
flowchart LR
A[User Joins] --> B[Access Granted]
B --> C[Access Monitored]
C --> D[Access Updated if role changes]
D --> E[User Left]
E --> F[Access Revoked]
ЁЯУЦ Real Scenario
A new employee joins a company.
He gets access to email, internal tools, and systems based on his role.
When he changes departments, his access is updated.
When he leaves, access is removed.
рдпрд╣ рдкреВрд░рд╛ process IAM handle рдХрд░рддрд╛ рд╣реИред
тЪая╕П Common IAM Issues
- Orphan accounts
- Excess privileges
- Weak authentication
ЁЯЫбя╕П Best Practices
- Use least privilege principle
- Enable MFA
- Regular access reviews
Least privilege рдХрд╛ рдорддрд▓рдм рд╣реИ user рдХреЛ рд╕рд┐рд░реНрдл рдЙрддрдирд╛ рд╣реА access рджреЗрдирд╛ рдЬрд┐рддрдирд╛ рдЬрд░реВрд░реА рд╣реИред
ЁЯОп Interview Tips
- IAM = Authentication + Authorization + Access Control
- Explain lifecycle clearly
ЁЯЪА Key Takeaways
- IAM manages identities and access
- It improves security and control
- It is critical in modern organizations