AWS — IAM Overview

What is AWS Identity and Access Management (IAM)? — Introduction to AWS IAM.

Awesome Cloud — AWS — IAM

TL;DR:

AWS Identity and Access Management (IAM) provides fine-grained access control across AWS accounts. With IAM, you can specify who can access which services and resources, and under which conditions. IAM is a pillar of security and provides you with easy ways to secure AWS accounts and resources.

IAM Key Points

• IAM controls access to AWS services and resources.
• IAM enables access between AWS services (e.g. EC2 to RDS).
• The main feature of IAM is that it allows you to create separate usernames and passwords for individual users or resources and delegate access.
• IAM supports identity federation. If the user is already authenticated, such as through a Facebook or Google account, IAM can be made to trust that authentication method and then allow access based on it.
• IAM is a free service. There is no additional charge for IAM security. There is no additional charge for creating additional users, groups, or policies.
• IAM is PCI DSS compliance.
• IAM supports MFA.

It provides two essential functions that work together: