{"id":1430,"date":"2024-12-04T18:04:31","date_gmt":"2024-12-04T10:04:31","guid":{"rendered":"https:\/\/aws-oncloudai.com\/?p=1430"},"modified":"2024-12-12T11:32:56","modified_gmt":"2024-12-12T03:32:56","slug":"master-aws-identity-and-access-management-iam-the-key-to-securing-cloud-resources","status":"publish","type":"post","link":"https:\/\/aws-oncloudai.com\/ko\/aws-identity-and-access-management-\ub9c8\uc2a4\ud130-\ud074\ub77c\uc6b0\ub4dc-\ub9ac\uc18c\uc2a4-\ubcf4\uc548\uc758-\ud575\uc2ec\uc785\ub2c8\/","title":{"rendered":"AWS Identity and Access Management(IAM) \ub9c8\uc2a4\ud130\ud558\uae30: \ud074\ub77c\uc6b0\ub4dc \ub9ac\uc18c\uc2a4 \ubcf4\ud638\uc758 \ud575\uc2ec"},"content":{"rendered":"

\ub04a\uc784\uc5c6\uc774 \ubc1c\uc804\ud558\ub294 \ud074\ub77c\uc6b0\ub4dc \ucef4\ud4e8\ud305 \uc138\uacc4\uc5d0\uc11c\ub3c4 \ubcf4\uc548\uc740 \uc5ec\uc804\ud788 \uac00\uc7a5 \uc911\uc694\ud569\ub2c8\ub2e4. \uc120\ub3c4\uc801\uc778 \ud074\ub77c\uc6b0\ub4dc \uacf5\uae09\uc5c5\uccb4\uc778 Amazon Web Services(AWS)\ub294 IAM(Identity and Access Management)\uc774\ub77c\ub294 \uac15\ub825\ud55c \ub3c4\uad6c\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4. \uc774 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud558\uba74 \uae30\uc5c5\uc740 AWS \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4\ub97c \uc548\uc804\ud558\uac8c \uc81c\uc5b4\ud558\uc5ec \uc801\uc808\ud55c \uc0ac\uc6a9\uc790\uc5d0\uac8c \ud56d\uc0c1 \uc801\uc808\ud55c \uad8c\ud55c\uc774 \ubd80\uc5ec\ub418\ub3c4\ub85d \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \ubb38\uc11c\uc5d0\uc11c\ub294 AWS IAM\uc774 \ubb34\uc5c7\uc774\uace0, \uc8fc\uc694 \uae30\ub2a5\uc774 \ubb34\uc5c7\uc778\uc9c0, \uadf8\ub9ac\uace0 \uc774\ub97c \ud65c\uc6a9\ud558\uc5ec \ud074\ub77c\uc6b0\ub4dc \ubcf4\uc548 \ud0dc\uc138\ub97c \uac15\ud654\ud558\ub294 \ubc29\ubc95\uc744 \uc54c\uc544\ubd05\ub2c8\ub2e4.<\/p>\n

\ubb34\uc5c7\uc778\uac00\uc694<\/strong> AWS IAM?<\/h3>\n

AWS IAM\uc740 AWS \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4\ub97c \uad00\ub9ac\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub418\ub294 \uc11c\ube44\uc2a4\uc785\ub2c8\ub2e4. AWS \uc0ac\uc6a9\uc790, \uadf8\ub8f9 \ubc0f \uc5ed\ud560\uc744 \uc0dd\uc131\ud558\uace0 \uc81c\uc5b4\ud560 \uc218 \uc788\uc73c\uba70 S3 \ubc84\ud0b7, EC2 \uc778\uc2a4\ud134\uc2a4 \ub610\ub294 RDS \ub370\uc774\ud130\ubca0\uc774\uc2a4\uc640 \uac19\uc740 \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4 \uc218\uc900\uc744 \uc815\uc758\ud569\ub2c8\ub2e4.<\/p>\n

IAM\uc740 \ucd5c\uc18c \uad8c\ud55c\uc758 \uc6d0\uce59\uc5d0 \ub530\ub77c \uc791\ub3d9\ud569\ub2c8\ub2e4. \uc989, \uc0ac\uc6a9\uc790\uc640 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc740 \uc791\uc5c5\uc744 \uc218\ud589\ud558\ub294 \ub370 \ud544\uc694\ud55c \ucd5c\uc18c\ud55c\uc758 \uc561\uc138\uc2a4 \uad8c\ud55c\uc744 \uac00\uc838\uc57c \ud569\ub2c8\ub2e4.<\/p>\n

AWS IAM\uc758 \uc8fc\uc694 \uae30\ub2a5<\/strong><\/h3>\n

1) \uc0ac\uc6a9\uc790 \ubc0f \uadf8\ub8f9 \uad00\ub9ac<\/h4>\n

IAM\uc740 \uac1c\ubcc4 \uc0ac\uc6a9\uc790\ub97c \uc0dd\uc131\ud558\uace0 \uc774\ub97c \ub17c\ub9ac\uc801 \ub2e8\uc704\ub85c \uadf8\ub8f9\ud654\ud558\ub294 \uae30\ub2a5\uc744 \uc9c0\uc6d0\ud569\ub2c8\ub2e4. \uc608\ub97c \ub4e4\uc5b4, \uac1c\ubc1c\uc790, \uad00\ub9ac\uc790, \ubd84\uc11d\uac00\ub294 \uc5ed\ud560\uc5d0 \ub530\ub77c \uc11c\ub85c \ub2e4\ub978 \uc561\uc138\uc2a4 \uc218\uc900\uc744 \uac00\uc9c8 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

2) \uc815\ucc45<\/h4>\n

\uc815\ucc45\uc740 \uad8c\ud55c\uc744 \uc815\uc758\ud558\ub294 JSON \ubb38\uc11c\uc785\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uc124\uc815\uc740 \ud2b9\uc815 \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud574 \uc5b4\ub5a4 \uc791\uc5c5\uc774 \ud5c8\uc6a9\ub418\uac70\ub098 \uac70\ubd80\ub418\ub294\uc9c0\ub97c \uc9c0\uc815\ud569\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uc815\ucc45\uc740 \uc0ac\uc6a9\uc790, \uadf8\ub8f9 \ub610\ub294 \uc5ed\ud560\uc5d0 \ucca8\ubd80\ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

3) \uc5ed\ud560<\/h4>\n

\uc5ed\ud560\uc740 \ud2b9\uc815 \ubaa9\uc801\uc744 \uc704\ud574 \uc124\uacc4\ub41c \uc784\uc2dc \uc0ac\uc6a9\uc790 \uacc4\uc815\uacfc \uac19\uc2b5\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uae30\ub2a5\uc740 \ubbfc\uac10\ud55c \uc790\uaca9 \uc99d\uba85\uc744 \ud3ec\ud568\ud558\uc9c0 \uc54a\uace0\ub3c4 Lambda\ub098 EC2\uc640 \uac19\uc740 AWS \uc11c\ube44\uc2a4\uc5d0\uc11c \uc2e4\ud589\ub418\ub294 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0 \uad8c\ud55c\uc744 \ubd80\uc5ec\ud558\ub294 \ub370 \ud2b9\ud788 \uc720\uc6a9\ud569\ub2c8\ub2e4.<\/p>\n

4) \ub2e4\uc911 \uc778\uc99d \uc694\uc18c(MFA)<\/h4>\n

IAM\uc740 MFA\ub97c \uc9c0\uc6d0\ud569\ub2c8\ub2e4. MFA\ub294 \uc0ac\uc6a9\uc790\uac00 \ubaa8\ubc14\uc77c \uc571\uc774\ub098 \ud558\ub4dc\uc6e8\uc5b4 \ud1a0\ud070 \ub4f1\uc758 \ucd94\uac00\uc801\uc778 \uc694\uc18c\ub97c \uc0ac\uc6a9\ud558\uc5ec \uc2e0\uc6d0\uc744 \ud655\uc778\ud558\ub3c4\ub85d \uc694\uad6c\ud558\uc5ec \ubcf4\uc548\uc744 \uac15\ud654\ud569\ub2c8\ub2e4.<\/p>\n

5) \uc138\ubd84\ud654\ub41c \uc561\uc138\uc2a4 \uc81c\uc5b4<\/h4>\n

IAM\uc744 \uc0ac\uc6a9\ud558\uba74 \ub9e4\uc6b0 \uc138\ubd80\uc801\uc778 \uad8c\ud55c\uc744 \uc815\uc758\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc608\ub97c \ub4e4\uc5b4, \ub2e4\ub978 \uc0ac\uc6a9\uc790\uc758 \uc561\uc138\uc2a4\ub97c \uc81c\ud55c\ud558\ub294 \ub3d9\uc2dc\uc5d0 \ud2b9\uc815 \uc0ac\uc6a9\uc790\uc5d0\uac8c \ud2b9\uc815 S3 \ubc84\ud0b7\uc5d0 \ub300\ud55c \uc77d\uae30 \uc804\uc6a9 \uc561\uc138\uc2a4 \uad8c\ud55c\uc744 \ubd80\uc5ec\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

6) \uac10\uc0ac \ubc0f \uaddc\uc815 \uc900\uc218<\/h4>\n

IAM\uc740 AWS CloudTrail\uacfc \ud1b5\ud569\ub418\uc5b4 API \ud638\ucd9c\uacfc IAM \uad6c\uc131\uc758 \ubcc0\uacbd \uc0ac\ud56d\uc744 \ubaa8\ub2c8\ud130\ub9c1\ud569\ub2c8\ub2e4. \uc774\ub294 \uaddc\uc815 \uc900\uc218\ub97c \uc720\uc9c0\ud558\uace0 \uc548\uc804 \ubb38\uc81c\ub97c \ud574\uacb0\ud558\ub294 \ub370 \uc911\uc694\ud569\ub2c8\ub2e4.<\/p>\n

AWS IAM \ubaa8\ubc94 \uc0ac\ub840<\/strong><\/h3>\n

1) \ubaa8\ub4e0 \uc0ac\uc6a9\uc790\uc5d0 \ub300\ud574 MFA \ud65c\uc131\ud654<\/h4>\n

MFA\ub294 \ubcf4\ud638 \uacc4\uce35\uc744 \ud558\ub098 \ub354 \ucd94\uac00\ud569\ub2c8\ub2e4. \ubaa8\ub4e0 \uc0ac\uc6a9\uc790, \ud2b9\ud788 \uad00\ub9ac\uc790 \uad8c\ud55c\uc774 \uc788\ub294 \uc0ac\uc6a9\uc790\uac00 MFA\ub97c \ud65c\uc131\ud654\ud588\ub294\uc9c0 \ud655\uc778\ud558\uc138\uc694.<\/p>\n

2) \uacf5\uc720 \uc790\uaca9 \uc99d\uba85 \ub300\uc2e0 \uc5ed\ud560\uc744 \uc0ac\uc6a9\ud558\uc138\uc694<\/h4>\n

\uc7a5\uae30 \uc790\uaca9 \uc99d\uba85\uc744 \ubc30\ud3ec\ud558\ub294 \ub300\uc2e0 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uacfc AWS \uc11c\ube44\uc2a4\uc5d0 \uc5ed\ud560\uc744 \ud560\ub2f9\ud569\ub2c8\ub2e4.<\/p>\n

3) \ucd5c\uc18c \uad8c\ud55c\uc758 \uc6d0\uce59\uc744 \uad6c\ud604\ud569\ub2c8\ub2e4.<\/h4>\n

\uc0ac\uc6a9\uc790\uc640 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc5d0 \ud544\uc694\ud55c \uc561\uc138\uc2a4 \uad8c\ud55c\ub9cc \uc788\ub294\uc9c0 \ud655\uc778\ud558\uae30 \uc704\ud574 \uc815\uae30\uc801\uc73c\ub85c \uad8c\ud55c\uc744 \uac80\ud1a0\ud558\uc138\uc694.<\/p>\n

4) \uc561\uc138\uc2a4 \ud0a4\ub97c \uc815\uae30\uc801\uc73c\ub85c \uad50\uccb4\ud558\uc138\uc694<\/h4>\n

\ud504\ub85c\uadf8\ub798\ubc0d \ubc29\uc2dd\uc758 \uc561\uc138\uc2a4\uac00 \ud544\uc694\ud55c \uc0ac\uc6a9\uc790\ub098 \uc11c\ube44\uc2a4\uc758 \uacbd\uc6b0 \ub178\ucd9c \uc704\ud5d8\uc744 \uc904\uc774\uae30 \uc704\ud574 \uc561\uc138\uc2a4 \ud0a4\ub97c \uc790\uc8fc \uad50\uccb4\ud558\uc138\uc694.<\/p>\n

5) IAM \ud65c\ub3d9 \ubaa8\ub2c8\ud130\ub9c1<\/h4>\n

AWS CloudTrail\uacfc AWS Config\ub97c \uc0ac\uc6a9\ud558\uc5ec IAM \uc815\ucc45, \uc5ed\ud560 \ubc0f \ud65c\ub3d9\uc5d0 \ub300\ud55c \ubcc0\uacbd \uc0ac\ud56d\uc744 \ucd94\uc801\ud569\ub2c8\ub2e4.<\/p>\n

\uc77c\ubc18\uc801\uc778 IAM \uc0ac\uc6a9 \uc0ac\ub840<\/strong><\/h3>\n

S3 \ubc84\ud0b7\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4 \uc81c\uc5b4: \ud2b9\uc815 \ubc84\ud0b7\uc774\ub098 \uc811\ub450\uc0ac\uc5d0 \ub300\ud55c \uc0ac\uc6a9\uc790 \uc561\uc138\uc2a4\ub97c \uc81c\ud55c\ud558\ub294 \uc815\ucc45\uc744 \ub9cc\ub4e4\uc5b4 \ubbfc\uac10\ud55c \ub370\uc774\ud130\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4\ub97c \uc81c\ud55c\ud569\ub2c8\ub2e4.<\/p>\n

\uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc744 \uc548\uc804\ud558\uac8c \uc2e4\ud589\ud558\uc138\uc694:<\/strong>IAM \uc5ed\ud560\uc744 \uc0ac\uc6a9\ud558\uba74 \uc790\uaca9 \uc99d\uba85\uc744 \ub178\ucd9c\ud558\uc9c0 \uc54a\uace0\ub3c4 EC2 \uc778\uc2a4\ud134\uc2a4\uc5d0 DynamoDB \ub610\ub294 SQS\uc640 \uac19\uc740 \ub2e4\ub978 AWS \uc11c\ube44\uc2a4\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4 \uad8c\ud55c\uc744 \ubd80\uc5ec\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

\uacc4\uc815 \uac04 \uc561\uc138\uc2a4: IAM \uc5ed\ud560\uc744 \uc0ac\uc6a9\ud558\uc5ec AWS \uacc4\uc815 \uac04\uc5d0 \ub9ac\uc18c\uc2a4\ub97c \uacf5\uc720\ud558\uace0, \ud300\uc774\ub098 \uc870\uc9c1 \uac04\uc5d0 \uc548\uc804\ud558\uac8c \ud611\uc5c5\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n

\uacb0\ub860\uc801\uc73c\ub85c<\/strong><\/h3>\n

AWS IAM\uc740 \ud074\ub77c\uc6b0\ub4dc \ubcf4\uc548\uc758 \ucd08\uc11d\uc73c\ub85c, \uc561\uc138\uc2a4 \ubc0f \uad8c\ud55c\uc744 \uad00\ub9ac\ud558\ub294 \uac15\ub825\ud55c \ub3c4\uad6c\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4. MFA \uc0ac\uc6a9 \ubc0f \ucd5c\uc18c \uad8c\ud55c \uc6d0\uce59 \uc900\uc218 \ub4f1\uc758 \ubaa8\ubc94 \uc0ac\ub840\ub97c \uad6c\ud604\ud558\uba74 AWS \ud658\uacbd\uc758 \ubcf4\uc548\uc744 \ud06c\uac8c \uac15\ud654\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. IAM\uc744 \ub9c8\uc2a4\ud130\ud558\ub294 \uac83\uc740 \ub9ac\uc18c\uc2a4\ub97c \ubcf4\ud638\ud558\uace0 \uaddc\uc815 \uc900\uc218\ub97c \ubcf4\uc7a5\ud558\ub294 \ub370 \ub9e4\uc6b0 \uc911\uc694\ud569\ub2c8\ub2e4.<\/p>","protected":false},"excerpt":{"rendered":"

\ub04a\uc784\uc5c6\uc774 \ubc1c\uc804\ud558\ub294 \ud074\ub77c\uc6b0\ub4dc \ucef4\ud4e8\ud305 \uc138\uacc4\uc5d0\uc11c\ub3c4 \ubcf4\uc548\uc740 \uc5ec\uc804\ud788 \uac00\uc7a5 \uc911\uc694\ud569\ub2c8\ub2e4. \uc120\ub3c4\uc801\uc778 \ud074\ub77c\uc6b0\ub4dc \uacf5\uae09\uc5c5\uccb4\uc778 Amazon Web Services(AWS)\ub294 IAM(Identity and Access Management)\uc774\ub77c\ub294 \uac15\ub825\ud55c \ub3c4\uad6c\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4. \uc774 \uc11c\ube44\uc2a4\ub97c \uc0ac\uc6a9\ud558\uba74 \uae30\uc5c5\uc740 AWS \ub9ac\uc18c\uc2a4\uc5d0 \ub300\ud55c \uc561\uc138\uc2a4\ub97c \uc548\uc804\ud558\uac8c \uc81c\uc5b4\ud558\uc5ec \uc801\uc808\ud55c \uc0ac\uc6a9\uc790\uc5d0\uac8c \ud56d\uc0c1 \uc801\uc808\ud55c \uad8c\ud55c\uc774 \ubd80\uc5ec\ub418\ub3c4\ub85d \ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>","protected":false},"author":1,"featured_media":1431,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[],"class_list":["post-1430","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-sharing"],"_links":{"self":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts\/1430","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/comments?post=1430"}],"version-history":[{"count":0,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts\/1430\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/media\/1431"}],"wp:attachment":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/media?parent=1430"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/categories?post=1430"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/tags?post=1430"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}