[AWS Architect] (19) Identity and Access Management (IAM)

Identity and Access Management (IAM) provides the centralized management of your AWS account. It controls how to access AWS services via policies that can be attached to users, groups, and roles.

  • IAM is a global service that is not tied to a region.
    • Users and policies can be used globally.
  • Users are given long-term credentials to access AWS resources (username/password or access keys).
  • Roles allow for short-term access to resources when assumed, using temporary access credentials.
  • IAM can work with Identity Federation such as Active Directory or Web Identity Federation (Facebook, Google, etc.)
Continue reading “[AWS Architect] (19) Identity and Access Management (IAM)”