AWS Identity and Access Management (IAM)
Apr 9, 2024
- I — Identity: manages authentication -> user name and password (MFA). Ex: Gmail, Facebook
- A — Access: manages authorization -> provides the permissions to use services
- M — Management
IAM Identities
- Users -> Identity for Humans / Applications
- Groups -> Identity for a collection of related users / departments
- Roles -> Identity for AWS Services or External or federated users
IAM Access (Policies)
- Provides permissions to identities
- Allow / Deny access to AWS services
- An explicit Deny takes priority over an Allow
IAM Key Points
- IAM is a global service -> It is hosted in the N. Virginia region -> All endpoints reach the N. Virginia region
- IAM is an AWS managed service
- IAM is a highly available service
- IAM is free of cost — no charges
- IAM has direct / indirect integration with all other AWS services
IAM Key Points (contd)
- Allow / Deny within your account
- Identity federation — Microsoft AD integration / Facebook / Google / Amazon