AWS Identity and Access Management (IAM) Overview

AWS Identity and Access Management (IAM) enables you to create and manage AWS users, groups and roles, and use permissions to allow and deny their access to AWS services and resources. 

You can work with IAM through the web-based IAM console, the AWS CLI, the API, or the SDKs.

 

Benefits of IAM

  1. IAM provides centralized control and shared access to your AWS account.

  2. IAM is offered at no additional charge; you will be charged only for use of other AWS services.

  3. IAM gives you granular permissions. You can specify permissions in IAM to control which operations a user or a group can perform.

 

Features of IAM

  1. IAM is a global service and is available across all regions.

  2. Apart from access keys and passwords, IAM provides users with multi-factor authentication (MFA).

  3. IAM provides temporary security credentials through STS to give users access to AWS services and resources.

  4. IAM supports PCI DSS compliance.

  5. IAM users can sign in to the console using a customizable sign-in URL specific to your account.

  6. New users have no permissions when first created.

  7. New users are assigned an access key ID and a secret access key when first created.

    1. Access key IDs and secret access keys are only for programmatic access; the username and password are only for console access.

    2. You can deactivate the access key ID for an IAM user so that the user cannot access the services programmatically until the key is active again.

    3. You can regenerate an access key and password. However, you cannot retrieve the secret access key after it has been created.

  8. Security responsibility is shared between AWS and the user; AWS is responsible for some aspects and the user is responsible for others.

 

The AWS website also has an IAM getting started video.


About

Cloudericks.com is my blog to share notes and learning materials on Cloud and Data Analytics. My current focus is on Amazon Web Services.

I like to write. I try to document what I learn and share with others. I believe that knowledge is useless unless you share it; the more you share, the more you learn.
