Want to save your progress?
Create a free account to track your lessons and quizzes across devices.
Register Login
Create a free account to track your lessons and quizzes across devices.
Register Login
« Back to ClassCompleted: 0%
Identity and Access Management (IAM)
Page 1 of 1
Users, Groups, and Roles
IAM is the gatekeeper of AWS.
- IAM User: Represents a person or service. It has permanent credentials (password or access keys).
- IAM Group: A collection of users. You attach permissions to the Group (e.g., "Admins"), not the individual user, for easier management.
- IAM Role: An identity without permanent credentials. It is "assumed" by a user or an AWS service for a short time. For example, an EC2 instance can assume a Role to get temporary permission to write to an S3 bucket.
Least Privilege: Always grant only the permissions necessary to perform a task and no more.