Key Points about IAM
IAM - Identity and Access Management.
IAM - It is one of the key service provided for the AWS users and Group to access the AWS resources securely.
IAM - It is advisable to create IAM user/groups after the account creation and from the newly created AWS admin user we can create many users/groups.
IAM - AWS IAM user account which has admin privilege can be able to assign resources to the user/group accounts it creates.(Note that the account which is used to create AWS environment initially is called Admin/Super user account.)
IAM - It is recommended to create users from the IAM service for the following reasons-
(1).To avoid unlimited access to resources - It keeps the root/super user account secure.
(2).IAM admin users can be tracked - It is useful for audit and troubleshooting
IAM Users -
It can be a person or service - Used to interact with AWS resources based on the security credentials and permissions.(what action for what services resources)
Features of IAM users -
(1).Unique set of credentials(password and access keys) - To interact with AWS services.
(2).Permissions - It is Defined using IAM Policies(JSON Documents). It specify what actions are allowed or denied on which resources.
(3).Groups - IAM users can be organized into groups therefore permissions can be assigned to groups.
(4).MFA(Multi-Factor Authentication) - Extra layer of security.
(5).Programmatic Access - IAM users can have access keys to interact with AWS service via APIs,SDKs,or the AWS CLI.
(6).Console Access - IAM users also can have password for accessing the AWS Management Console.
Usecase of IAM User -
(1). To track and manage individual user access activities - Individual access.
Top comments (0)