What Is IAM In AWS

IAM lets us manage users and their level of access to the AWS Console.

IDENTITY ACCESS MANAGEMENT (IAM) Features

  • Centralized control of the AWS account - We can access it anywhere through a browser
  • Shared access to AWS Services - We can create multiple users and access the AWS Services
  • Granular permissions - We can give users permission-based access
  • Identity federation (including Active Directory, Facebook, LinkedIn, etc.)
  • Multifactor authentication - We can enable MFA so users authenticate and use services securely
  • Provide temporary access for users/devices and services whenever necessary
  • Allow users to set up their own password rotation policy.
  • Integrates with many different AWS Services
  • IAM also supports PCI DSS compliance.

KEY TERMS FOR IAM

  1. Users
    End users, such as employees of an organization, who access AWS resources.
  2. Groups
    A collection of users is known as a group. Each user in the group inherits the permissions of the group.
  3. Policies
    Policies are made up of documents called policy documents. These documents are written in JSON and define what a User / Group / Role is permitted to do.
  4. Roles
    A role is a set of policies/permissions. We can create a role and then assign it to AWS resources.
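
How users, groups and JSON policy documents combine, as an added example that is not part of the original page: a simplified Python evaluator for identity-based policies. The user names, group name, bucket ARN and helper functions are constructed for illustration, and it handles only Effect/Action/Resource (no Condition, NotAction, or other policy types).

```python
import json
import re

# Constructed sample data: one policy attached to a group, one attached to a user.
GROUP_POLICIES = {"developers": json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow",
                 "Action": ["s3:GetObject", "s3:ListBucket"],
                 "Resource": ["arn:aws:s3:::example-app-logs",
                              "arn:aws:s3:::example-app-logs/*"]}]}""")}
USER_POLICIES = {"alice": json.loads("""{
  "Version": "2012-10-17",
  "Statement": {"Effect": "Deny", "Action": "s3:*",
                "Resource": "arn:aws:s3:::example-app-logs/secret/*"}}""")}
USER_GROUPS = {"alice": ["developers"], "bob": []}

def _as_list(value):
    # Policy JSON allows a single value or a list for Statement/Action/Resource.
    return value if isinstance(value, list) else [value]

def _wild(pattern, value, flags=0):
    # Policy wildcards: '*' matches any run of characters, '?' exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def effective_policies(user):
    # A user inherits every policy of the groups they belong to.
    docs = [GROUP_POLICIES[g] for g in USER_GROUPS.get(user, [])]
    if user in USER_POLICIES:
        docs.append(USER_POLICIES[user])
    return docs

def is_allowed(user, action, resource):
    allowed = False
    for doc in effective_policies(user):
        for st in _as_list(doc["Statement"]):
            # Action names are matched case-insensitively, ARNs case-sensitively.
            hit = (any(_wild(a, action, re.IGNORECASE) for a in _as_list(st["Action"]))
                   and any(_wild(r, resource) for r in _as_list(st["Resource"])))
            if hit and st["Effect"] == "Deny":
                return False          # an explicit Deny always wins
            if hit and st["Effect"] == "Allow":
                allowed = True
    return allowed                    # nothing matched: denied by default

if __name__ == "__main__":
    base = "arn:aws:s3:::example-app-logs/"
    print(is_allowed("alice", "s3:GetObject", base + "2024/app.log"))
    print(is_allowed("alice", "s3:GetObject", base + "secret/keys.txt"))
```

The two checks worth remembering when writing policies: a request with no matching Allow is denied, and a matching Deny overrides any Allow inherited from a group.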

How to create an IAM User

 
Click IAM under "security and compliance" in the AWS Services dropdown.
 
Click the "Users" tab on the left side.
 
Click the "Add User" button.
 
Fill in the user details and click the "Next: Permissions" button.
 
Select an existing group, or create a new one, and click the "Next: Tags" button.
 
Optionally enter a tag Key and Value, then click the "Next: Review" button.
 
Review and click the "Create User" button.
 
Be sure to download the CSV file and keep it safe, then click the "Close" button.
 