IAM (Identity Access Management)
What?
- Centralized control of your AWS account
- Shared access to your AWS account
- Granular permissions
- Identity Federation (including Active Directory, Facebook, LinkedIn, etc)
- Multifactor authentication (e.g. username, password, additional factors)
- Provide temporary access for users / devices and services where necessary
- Allows you to setup your own password rotation policy (e.g. every 3 weeks, months, etc)
- Integrates with many AWS services
- Supports PCI DSS compliance (framework if you're taking credit card details)
Key Terminology
Users, Groups, Policies, Roles
Exam Tips
- Read the S3 FAQs