AWS IAM
AWS Identity and Access Management: users, groups, roles, policies, permission boundaries, and common AWS IAM misconfigurations.
14 terms in AWS IAM
What is AWS IAM?
AWS Identity and Access Management (IAM) controls who can do what on AWS. Learn the core building blocks — users, groups, roles, policies — and key security concepts.
AWS IAM Basics: Users, Groups, Roles, and Policies
AWS IAM revolves around four core building blocks — Users, Groups, Roles, and Policies. Learn what each does and how they work together to control AWS access.
AWS IAM User vs Role: What is the Difference?
IAM Users have long-lived credentials; IAM Roles use temporary credentials anyone allowed can assume. Learn the key differences and when to use which.
What is an AWS IAM Policy?
An AWS IAM Policy is a JSON document that defines permissions in AWS. Learn the policy types, evaluation order, and how to write least-privilege policies.
What is an AWS Principal?
An AWS Principal is the entity that makes a request to AWS — a user, role, federated identity, or service. Learn the principal types and how they're referenced in policies.
What is AWS STS?
AWS Security Token Service (STS) issues temporary, limited-privilege credentials for IAM principals. Learn what it does and how to use it safely.
What is AssumeRole in AWS?
AssumeRole is the STS API that lets a principal take on an IAM role's permissions temporarily. Learn how it works and how to secure it.
What is AWS Cross-Account Access?
AWS Cross-Account Access lets principals in one AWS account act in another. Learn the patterns — IAM roles, resource policies, RAM — and how to secure them.
What is a Permission Boundary in AWS?
An AWS Permission Boundary is a policy that caps the maximum permissions a user or role can ever have, regardless of attached policies. Learn how it enables safe delegation.
What is AWS Root Account Risk?
The AWS root account has unrestricted access to everything. Learn the risks of root account misuse and how to lock it down per AWS best practice.
What is an Over-Permissioned AWS IAM Role?
An over-permissioned AWS IAM role has more permissions than the workload needs — the most common AWS misconfiguration. Learn the patterns and how to fix them.
Common AWS IAM Misconfigurations
From wildcard policies to public S3 buckets, learn the most common AWS IAM misconfigurations attackers exploit — and how to detect and fix them.
AWS IAM Security Best Practices
A consolidated list of AWS IAM security best practices — covering identities, policies, federation, monitoring, and recovery — drawn from AWS guidance and real incident response.
AWS IAM Security Checklist for Beginners
A practical beginner-friendly AWS IAM security checklist covering identity, authentication, authorization, multi-account, monitoring, and recovery.
See your identity risk clearly.
Start with a 1-day Proof of Value in your own environment.