IAM

What is IAM

access control
who can access (authentication)? and what can they access (authorization)?

Identity

authentication

Policy

authorization

Role

a named collection of access rights

Service Role

a specific type of role
usually used by a AWS service

Service-Linked Role

a unique type of service role
directly linked to an AWS service
predefined by the service, cannot modify the permissions
automatically created and deleted with the associated resource

Cross-Account Access Role

Federated Identity Role

Instance Profile Role

Back to top