AWS Identity and Access Management
Securely control access to AWS resources with AWS IAM
Acerca de AWS Identity and Access Management
AWS Identity and Access Management (IAM) enables secure access control for AWS services. Manage users, groups, and roles with granular permissions, supporting least privilege access, temporary credentials, and centralized identity management across AWS accounts. IAM helps scale access securely while maintaining control over workforce and workload identities.
Preguntas frecuentes
Yes, AWS IAM is offered at no additional charge.
To get started, create an IAM role and grant it permissions. For workforce users, create a role that can be assumed by your identity provider. For systems, create a role that can be assumed by the service you are using, such as Amazon EC2 or AWS Lambda. You can create and manage policies and roles in the IAM console, or via AWS APIs or the AWS CLI.
IAM roles provide a way to access AWS by relying on temporary security credentials. Each role has a set of permissions for making AWS service requests, and a role is not associated with a specific user or group. Instead, trusted entities such as identity providers or AWS services assume roles.
IAM policies define permissions for the entities you attach them to. For example, to grant access to an IAM role, attach a policy to the role. The permissions defined in the policy determine whether requests are allowed or denied. You also can attach policies to some resources, such as Amazon S3 buckets, to grant direct, cross-account access.
To grant access to services and resources by using AWS Identity and Access Management (IAM), attach IAM policies to roles or resources. You can start by attaching AWS managed policies, which are owned and updated by AWS and are available in all AWS accounts. If you know the specific permissions required for your use cases, you can create customer managed policies and attach them to roles.
RBAC provides a way for you to assign permissions based on a person’s job function, known outside of AWS as a role. IAM provides RBAC by defining IAM roles with permissions that align with job functions. You can then grant individuals access to assume these roles to perform specific job functions.
With AWS Identity and Access Management (IAM), all access is denied by default and requires a policy that grants access. To restrict access, specify a Deny statement in any policy. If a Deny statement applies to an access request, it always prevails over an Allow statement.
Alternativas a considerar
Ver todas las alternativasInsignias
Promociona AWS Identity and Access Management y dale más visibilidad añadiendo estas insignias a tu web, documentación o ficha de producto. Cada insignia enlaza a la página de AWS Identity and Access Management en Webfolio.
<a href="https://www.webfolio.to/tools/aws-identity-and-access-management?utm_source=badge&utm_campaign=badge" target="_blank" rel="noopener noreferrer"><img src="https://www.webfolio.to/badges/featured_color.svg" alt="Destacado en Webfolio" style="max-width: 150px" /></a>
Categorías
Reclamar esta herramienta
¿Eres el fundador? Reclama tu perfil para actualizar los detalles y rastrear visualizaciones.