Skip to the content.
AWS Developer Associate

IAM: Identity Access & Management

What Is IAM?

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who is authenticated (signed in) and authorized (has permissions) to use resources.

IAM: Users & Groups

IAM: Permissions

IAM Policies Structure


  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Action": "ec2:Describe*",
      "Resource": "*"
      "Effect": "Allow",
      "Action": "elasticloadbalancing:Describe*",
      "Resource": "*"
      "Effect": "Allow",
      "Action": [
      "Resource": "*"

IAM - Password Policy

IAM Roles for Services

IAM Security Tools

IAM Guidelines & Best Practices

Shared Responsibility Model for IAM

Infrastructure (global network security) Users, Groups, Roles, Policies management and monitoring
Configuration and vulnerability analysis Enable MFA on all accounts
Compliance validation Rotate all your keys often, Use IAM tools to apply appropriate permissions, Analyze access patterns & review permissions

Multi Factor Authentication - MFA

MFA devices options in AWS

How can users access AWS ?

What’s the AWS CLI?

What’s the AWS SDK?

IAM Section - Summary