Cloud IAM: From Zero to Master

A 12-episode series on identity and access management across AWS, GCP, and Azure — from first principles to privilege escalation defense, federation, and Zero Trust architecture.

Who it’s for: Infrastructure engineers, security practitioners, and platform teams who need to understand cloud access control deeply enough to design it, audit it, and defend it.

By the end: debug any AccessDenied, audit any IAM configuration, and understand the attack paths through IAM before an attacker finds them.

Series complete — all 12 episodes published.


Episodes

| EP | Title | Level | Status |
|---|---|---|---|
| EP01 | What Is Cloud IAM — and Why Every API Call Depends on It | Beginner | Published |
| EP02 | Authentication vs Authorization: AWS AccessDenied Explained | Beginner | Published |
| EP03 | IAM Roles vs Policies: How Cloud Authorization Actually Works | Beginner | Published |
| EP04 | AWS IAM Deep Dive: Users, Groups, Roles, and Policies Explained | Intermediate | Published |
| EP05 | GCP IAM Policy Inheritance: How the Resource Hierarchy Controls Access | Intermediate | Published |
| EP06 | Azure RBAC Explained: Management Groups, Subscriptions, and Scope | Intermediate | Published |
| EP07 | OIDC Workload Identity: Eliminate Cloud Access Keys Entirely | Intermediate | Published |
| EP08 | AWS IAM Privilege Escalation: How iam:PassRole Leads to Full Compromise | Advanced | Published |
| EP09 | AWS Least Privilege Audit: From Wildcard Permissions to Scoped Policies | Advanced | Published |
| EP10 | SAML vs OIDC: Which Federation Protocol Belongs in Your Cloud? | Advanced | Published |
| EP11 | Kubernetes RBAC and AWS IAM: The Two-Layer Access Model for EKS | Advanced | Published |
| EP12 | Zero Trust Access in the Cloud: How the Evaluation Loop Actually Works | Master | Published |

Start with EP01: What Is Cloud IAM →