AWS Identity and Access Management
Using IAM (API Version 2010-05-08)
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

Accessing IAM

You can work with AWS Identity and Access Management using the following:

  • AWS Management Console. The console lets you use a browser-based interface to manage IAM and AWS resources. For more information about accessing IAM through the console, see IAM and the AWS Management Console. For a tutorial on using the console, see Creating an Admins Group Using the Console.

  • Command line interface (CLI). The CLI lets you issue commands at your computer's command line to perform IAM and AWS tasks; this can be faster and more convenient than using the console. The CLI is also useful if you want to build scripts that perform IAM tasks. For information about setting up and using the CLI, see AWS Command Line Interface User Guide.

    Note

    We recommend that you use the AWS Command Line Interface (AWS CLI), a cross-service CLI with a simplified installation, unified configuration, and consistent command line syntax. The AWS CLI is supported on Linux/UNIX, Windows, and Mac. The existing IAM-specific CLI continues to work, but will not be updated with new features in the future. For more information, see the AWS Command Line Interface User Guide. (If you use Microsoft Windows PowerShell, you might also want to try the AWS Tools for Windows PowerShell.)

  • AWS SDKs. AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks such as cryptographically signing requests, managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services page.

  • IAM Query API. Finally, you can access IAM and AWS programmatically using the IAM Query API, which lets you issue HTTPS requests directly. (When you use the Query API, you must include code to digitally sign requests using your credentials.) For more information, see the IAM API Reference.

Using any of these access methods, you can manage IAM resources, such as the performing the following tasks:

  • Create groups and assign permissions to groups

  • Add users

  • Create security credentials for your users

  • Assign passwords to your users

Note

In order to access IAM, whether through the console or programmatically, you need security credentials. For information, see AWS Security Credentials in the AWS General Reference.