AWS Identity and Access Management
AWS Identity and Access Management
AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. With IAM, you can centrally manage permissions that control which AWS resources users can access. You use IAM to control who is authenticated (singed in) and authorized (has permissions) to use resources. When user will create an AWS account, they begin with one sign-in identity that has complete access to all AWS services and resources in the account. The identity is called the AWS account root user and is accessed by signing in with the email address and password that user can used to create an account.
Ø Features of IAM:
1. Shared access to your AWS account- You can grant other people permission to administrator and use resources in your AWS account without having to share your password or any access key.
2. Granular permissions – You can grant different permissions to different people for different resources. For example, you might allow some users complete access to Amazon Elastic Compute Cloud (EC2), Amazon S3, Amazon DynamoDB, and other AWS services. For other users, you can allowed read-only access to just some S3 buckets, or permission to administer just some of the EC2 instances, or to access just billing information.
3. Multi-Factor Authentication(MFA)- User can add two-factor authentication to their account and to individual users for extra security. With MFA you or your users must provide not only a password or access key to work with your account, but also a code from a specially configured device.
4. Identity federation- You can allow users who already have passwords elsewhere- for example, in your corporate network or with an internet provider- to get temporary access to your AWS account.
5. Identity information for assurance- If you use AWS CloudTrail, you receive log records also that include information about those who made requests for resources in your account. This information is based on IAM identities.
6. Eventually consistent- IAM, like many other AWS services is eventually consistent. IAM achieves high availability by replicating data across multiple servers within Amazon’s data centers around the world. If a request to change some data is successful, the change is committed and safely stored. Such changes include creating or updating users, groups, roles or policies.
7. Free to use- AWS IAM (Identity and Access Management) and AWS Security Token Service (STS) are features of your AWS account offered at no additional charge. You are charged only when you access other AWS services using your IAM users or AWS STS temporary security credentials.
I truly appreciate this post. I have been looking everywhere for this! Thank goodness I found it on Bing. You’ve made my day! Thanks again
Thank you..
Hi there! Someone in my Myspace group shared this site with us so I came to look it over. I’m definitely enjoying the information. I’m book-marking and will be tweeting this to my followers! Superb blog and excellent design.
Thank you..
My spouse and I absolutely love your blog and find almost all of your post’s to be precisely what I’m looking for. can you offer guest writers to write content for yourself? I wouldn’t mind creating a post or elaborating on most of the subjects you write with regards to here. Again, awesome weblog!
Thank you..
I抳e been exploring for a little for any high-quality articles or blog posts in this sort of house . Exploring in Yahoo I at last stumbled upon this website. Reading this info So i am happy to show that I’ve an incredibly just right uncanny feeling I came upon exactly what I needed. I so much certainly will make certain to do not fail to remember this site and give it a look on a continuing basis.
Thank you so much.
Good web site! I really love how it is simple on my eyes and the data are well written. I’m wondering how I could be notified whenever a new post has been made. I have subscribed to your RSS feed which must do the trick! Have a nice day!
Thank you for your appreciation.