What is AWS IAM?
AWS IAM is a global AWS service that manages authentication & authorization.
It helps to control who can access AWS resources and what actions they can perform.
What does IAM feature?
In IAM, it it possible to define:
- Users;
- Groups;
- Roles;
- Policies.
Users
- Individual identities with credentials;
- Users are people within an organization and can be grouped.
Groups
- Collections of users with shared permissions;
- Can only contain users, not other groups.
Roles
- Provide temporary access for AWS services or external entities.
Policies
- JSON documents that define permissions.