Scribd
Upload
1 views2 pages

What Is IAM

IAM, or Identity Access Management, is a web service that allows AWS customers to manage user access and permissions within their AWS accounts. It enables organizations to create multiple users with specific security credentials, control access to AWS resources, and implement features like multifactor authentication and identity federation. IAM is free to use as part of an AWS account, with charges only incurred when accessing other AWS services.

Uploaded by

pmahakalkar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
1 views2 pages

What Is IAM

IAM, or Identity Access Management, is a web service that allows AWS customers to manage user access and permissions within their AWS accounts. It enables organizations to create multiple users with specific security credentials, control access to AWS resources, and implement features like multifactor authentication and identity federation. IAM is free to use as part of an AWS account, with charges only incurred when accessing other AWS services.

Uploaded by

pmahakalkar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

What is IAM?

o IAM stands for Identity Access Management.

o IAM allows you to manage users and their level of access to the aws console.

o It is used to set users, permissions and roles. It allows you to grant access to the different
parts of the aws platform.

o AWS Identity and Access Management is a web service that enables Amazon Web Services
(AWS) customers to manage users and user permissions in AWS.

o With IAM, Organizations can centrally manage users, security credentials such as access keys,
and permissions that control which AWS resources users can access.

o Without IAM, Organizations with multiple users must either create multiple user accounts,
each with its own billing and subscriptions to AWS products or share an account with a single
security credential. Without IAM, you also don't have control about the tasks that the users
can do.

o IAM enables the organization to create multiple users, each with its own security credentials,
controlled and billed to a single aws account. IAM allows the user to do only what they need
to do as a part of the user's job.

Features of IAM

o Centralised control of your AWS account: You can control creation, rotation, and
cancellation of each user's security credentials. You can also control what data in the aws
system users can access and how they can access.

o Shared Access to your AWS account: Users can share the resources for the collaborative
projects.

o Granular permissions: It is used to set a permission that user can use a particular service but
not other services.

o Identity Federation: An Identity Federation means that we can use Facebook, Active
Directory, LinkedIn, etc with IAM. Users can log in to the AWS Console with same username
and password as we log in with the Active Directory, Facebook, etc.

o Multifactor Authentication: An AWS provides multifactor authentication as we need to enter


the username, password, and security check code to log in to the AWS Management
Console.

o Permissions based on Organizational groups: Users can be restricted to the AWS access
based on their job duties, for example, admin, developer, etc.

o Networking controls: IAM also ensures that the users can access the AWS resources within
the organization's corporate network.

o Provide temporary access for users/devices and services where necessary: If you are using
a mobile app and storing the data in AWS account, you can do this only when you are using
temporary access.
o Integrates with many different aws services: IAM is integrated with many different aws
services.

o Supports PCI DSS Compliance: PCI DSS (Payment Card Industry Data Security Standard) is a
compliance framework. If you are taking credit card information, then you need to pay for
compliance with the framework.

o Eventually Consistent: IAM service is eventually consistent as it achieves high availability by


replicating the data across multiple servers within the Amazon's data center around the
world.

o Free to use: AWS IAM is a feature of AWS account which is offered at no additional charge.
You will be charged only when you access other AWS services by using IAM user.

o IAM Identities
o IAM identities are created to provide authentication for people and
processes in your aws account.
o IAM identities are categorized as given below:

o IAM Users

o IAM Groups

o IAM Roles

AWS Account Root User

o When you first create an AWS account, you create an account as a root user identity which is
used to sign in to AWS.

o You can sign to the AWS Management Console by entering your email address and password.
The combination of email address and password is known as root user credentials.

o When you sign in to AWS account as a root user, you have unrestricted access to all the
resources in AWS account.

o The Root user can also access the billing information as well as can change the password
also.

You might also like