AWS IAM — Roles, Users, Groups & Policies Explained
What Is IAM?
AWS Identity & Access Management (IAM) is used to control who can access which AWS resources.
IAM Components
- Users: Individual login accounts
- Groups: Collection of users
- Roles: Temporary permissions for AWS services
- Policies: JSON-based permission documents
Easy Memory Trick
- User = Person
- Group = Team
- Role = Temporary identity
- Policy = Rule book
Security Best Practices
- Enable MFA
- Don’t use root account
- Use least privilege access
- Rotate access keys
Conclusion
IAM ensures secure access to AWS resources and is one of the most important cloud concepts.
