AWS Identity and Access Management (IAM) is a global service that allows customers to manage users, groups, roles and permissions for accessing and interacting with AWS services. AWS IAM is a fundamental component for ensuring security and controlling access within the AWS environment.
AWS shared responsibility model for IAM
AWS Shared Responsibility Model
AWS responsibility
IAM is an integral part of the AWS Shared Responsibility Model. IAM is an AWS security infrastructure that provides services for identity and access control. AWS is responsible for making the IAM services available.
Customer responsibility
You as a customer has the responsibility of using the IAM entity to create and monitor users, groups, roles; enable Multi Factor Authentication (MFA) on all accounts; rotate all your keys often; use IAM tools to apply appropriate permissions; analyse access patterns and review permissions on a periodical basis.
Table of contents
Back to parent node: Cloud Computing
Cloud_computing AWS AWS_IAM AWS_shared_responsibility AWS_CLF-C02
Reference