Identity Access Management (IAM)

What you can do in IAM

•create users


You can access the AWS platform in 3 ways;

• pragmatic way

• Via the Console Programmatically (Using the Command Line)

• Using the Software Developers Kit (SDK)

The policy is in JSON format

IAM stands for Identity Access Management. It is Global, you do not specify a region when dealing with IAM. When you create a user or group, this is created GLOBALLY.

Your root account is the email address you used to set up your

AWS account. The root account always has full administrator

access. You should not give these account credentials away to

anyone. Instead, create a user for each individual within your

organization. You should always secure this root account using

multi-factor authentication.

A group is simply a place to store your users. Your users will inherit all permissions that the group has. Examples of groups might be developers, system administrators, human resources, finance etc.

To set the permissions in a group you need to apply a policy to that group. Policies consist of JavaScript Object Notation (or JSON). These are referred to as key-value pairs. You have your key, such as name and then the value


“name”: “Alvis F”


Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store