AWS Identity and Access Management

Amazon in 2012 introduces AWS Identity and Access Management (IAM) for EC2 ^[1]. In February introduced Managed Policies by AWS^[2] and since November 2016 there are 10 different policies bases on job functions: AdministratorAccess (This policy grants full access to all AWS services, similar to root role in Unix systems), Billing, Data Scientist, Database Administrator, Developer Power User, Network Administrator, Security Auditor, Support User, System Administrator and View Only User ^[3][4]

Examples policies

• aws:RequestedRegion (April 2018) ^[5]
• iam:ChangePassword
• arn:aws:iam::aws:policy/ReadOnlyAccess

Related terms

• SigV4
• AWS IAM Access Analyzer (Dec 2019)
• Azure Identity and access management (IAM)
• gcloud iam
• aws-iam-authenticator and EKS
• AWS IAM role

Activities

• Read https://stackoverflow.com/questions/tagged/amazon-iam?tab=Votes
• Granting access to your billing information and tools

News

• Nov 2022 assign multiple MFA devices in IAM https://aws.amazon.com/blogs/security/you-can-now-assign-multiple-mfa-devices-in-iam/

See also

• aws iam [ create-user, create-group, get-user, list-users | list-policies | list-attached-user-policies | attach-user-policy | list-attached-user-policies | list-roles | get-account-summary | put-group-policy | put-role-policy | put-user-policy | create-login-profile | aws iam delete-virtual-mfa-device | aws iam list-virtual-mfa-devices | aws iam create-saml-provider | aws iam list-account-aliases | aws iam create-role | aws iam change-password| enable-mfa-device | list-instance-profiles
• IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock, iam:ChangePassword, aws iam, AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies, IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy, aws-iam-authenticator, IRSA, RDS Authentication, AccessDenied