AWS Identity and Access Management


AWS Identity and Access Management

You may control the access to AWS services and resources in safe form through AWS Identity and Access Management (IAM). By using IAM, AWS users and groups can be created and managed and permissions used to enable and deny AWS resources.

IAM is a feature supplied without an additional price on your AWS subscription.

How it functions?

IAM helps to create roles and allowances. You can use IAM to:

  • Organize IAM users and their permissions – Users can be created in IAM, and individual security credentials (such as access keys, passwords, and multi-factor authentication devices) can be assigned to them, or temporary security credentials can be requested to give users access to AWS services and resources. You can control which operations a user can conduct by managing permissions.
  • Manage and allow federated users — You can allow an identity federation to access existing identities (users, groups and roles) within your business without having to create an IAM user for each identity. Use any SAML 2.0 supporting identity management solution or use one of our samples (AWS Console SSO or API federation).