AWS IAM
Last updated:
![[202208012318 AWS IAM Basics]]
IAM Users
IAM users are identities used for long-term access to any resource, i.e. by people, applications or service accounts.
Limits: 5000 users per account, and a user can be a member of at most 10 groups. IAM Roles and Identity Federation work around these limits for large orgs or internet-scale orgs.
Principal → Authentication → Authenticated identity
Authentication is done using:
- Username and password
- Access keys
ARN (Amazon Resource Name)
ARNs uniquely identify resources within AWS.
IAM Groups
IAM groups are containers for IAM users. Groups are not a true identity. They can't be referred to as a principal in a policy.
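A small policy lint that ties the ARN and group notes together (an added example, not part of the original notes): it parses each `Principal` ARN in a resource-based policy and reports any that point at an IAM group. The function names, account ID, bucket and identity names are constructed for illustration.

```python
import json

def parse_arn(arn):
    """Split an ARN into its six colon-separated fields."""
    parts = arn.split(":", 5)  # the resource part may itself contain ':'
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    keys = ("prefix", "partition", "service", "region", "account", "resource")
    return dict(zip(keys, parts))

def principal_arns(statement):
    """Return the AWS principal strings of one policy statement."""
    principal = statement.get("Principal", {})
    if isinstance(principal, str):  # "Principal": "*" shorthand
        principal = {"AWS": principal}
    values = principal.get("AWS", [])
    return [values] if isinstance(values, str) else list(values)

def find_group_principals(policy):
    """Return (Sid, ARN) pairs where an IAM group is named as a principal."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        for value in principal_arns(stmt):
            if not value.startswith("arn:"):  # "*" or a bare account ID
                continue
            arn = parse_arn(value)
            if arn["service"] == "iam" and arn["resource"].startswith("group/"):
                findings.append((stmt.get("Sid", f"statement[{i}]"), value))
    return findings

# Constructed sample policy: account ID, bucket and names are made up.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "AllowAlice", "Effect": "Allow", "Action": "s3:GetObject",
   "Resource": "arn:aws:s3:::example-bucket/*",
   "Principal": {"AWS": ["arn:aws:iam::111122223333:user/alice",
                         "arn:aws:iam::111122223333:role/ci"]}},
  {"Sid": "AllowDevs", "Effect": "Allow", "Action": "s3:GetObject",
   "Resource": "arn:aws:s3:::example-bucket/*",
   "Principal": {"AWS": "arn:aws:iam::111122223333:group/Developers"}}]}
""")

if __name__ == "__main__":
    for sid, arn in find_group_principals(SAMPLE_POLICY):
        print(f"{sid}: {arn} is a group and cannot be used as a principal")
```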
IAM Roles
references: