13-11 AWS IAM

Last updated Aug 17, 2023 Edit Source

#aws-service
AWS Identity and Access Management (IAM) lets you create and manage AWS users and groups, and use permissions to allow and deny these users access to AWS resources.

JSON documents that grant permissions for a specific user, group, or role to access services. Policies are attached to IAM Identities

The API actions that can or cannot be performed. They are represented in the IAM Policy document

End users who log into the console or interact with AWS resources programmatically or via clicking UI interfaces

Group up your Users so they all share permission levels of the group eg. Administrators, Developers, Auditors

Roles grant AWS resources permissions to specific AWS API actions Associate policies to a Role and then assign it to an AWS resource