Resources to learn more about IAM - AWS Identity and Access Management

Resources to learn more about IAM

IAM is a rich product, and you'll find many resources to help you learn more about how IAM can help you secure your AWS account and resources.

Identities

Consult these resources for creating, managing, and using identities.

Credentials (passwords, access keys, and MFA devices)

Review the following guides to manage passwords, access keys, and MFA devices for your AWS account and for IAM users.

For general information about the types of credentials you use to access Amazon Web Services, see AWS Security Credentials in the AWS General Reference guide..

Permissions and policies

Learn the inner workings of IAM policies and find tips on the best ways to confer permissions:

Federation and delegation

You can grant access to resources in your AWS account for users who are authenticated (signed in) elsewhere. These can be IAM users in another AWS account (known as delegation), users who are authenticated with your organization's sign-in process, or users from an Internet identity provider like Login with Amazon, Facebook, Google, or any other OpenID Connect (OIDC) compatible identity provider. In these cases, the users get temporary security credentials to access AWS resources.

IAM and other AWS products

Most AWS products are integrated with IAM so that you can use IAM features to help protect access to the resources in those products. The following resources discuss IAM and security for some of the most popular AWS products. For a complete list of products that work with IAM, including links to more information on each, see AWS services that work with IAM.

Using IAM with Amazon EC2

  • Controlling Access to Amazon EC2 Resources – Describes how to use IAM features to permit users to administer Amazon EC2 instances, volumes, and more.

  • Use instance profiles – Describes how to use IAM roles to securely provide credentials for applications that run on Amazon EC2 instances and that need access to other AWS products.

Using IAM with Amazon S3

Using IAM with Amazon RDS

Using IAM with Amazon DynamoDB

  • Using IAM to Control Access to DynamoDB Resources – Describes how to use IAM to permit users to administer DynamoDB tables and indexes.

  • The following video (8:55) explains how to provide access control for individual DynamoDB database items or attributes (or both).

General security practices

Find expert tips and guidance on the best ways to secure your AWS account and resources:

  • Best Practices for Security, Identity, &, Compliance – Find resources for how to manage security across AWS accounts and products, including suggestions for security architecture, use of IAM, encryption and data security, and more.

  • Identity and Access Management – The AWS Well-Architected Framework helps you understand key concepts, design principles, and architectural best practices for designing and running workloads in the cloud.

  • Security best practices in IAM – Offers recommendations for ways to use IAM to help secure your AWS account and resources.

  • AWS CloudTrail User Guide – Use AWS CloudTrail to track a history of API calls made to AWS and store that information in log files. This helps you determine which users and accounts accessed resources in your account, when the calls were made, what actions were requested, and more.

General resources

Explore the following resources to learn more about IAM and AWS.

  • Classes & Workshops – Links to role-based and specialty courses, in addition to self-paced labs to help sharpen your AWS skills and gain practical experience.

  • AWS Developer Center – Explore tutorials, download tools, and learn about AWS developer events.

  • AWS Developer Tools – Links to developer tools, SDKs, IDE toolkits, and command line tools for developing and managing AWS applications.

  • Getting Started Resource Center – Learn how to set up your AWS account, join the AWS community, and launch your first application.

  • Hands-On Tutorials – Follow step-by-step tutorials to launch your first application on AWS.

  • AWS Whitepapers – Links to a comprehensive list of technical AWS whitepapers, covering topics such as architecture, security, and economics and authored by AWS Solutions Architects or other technical experts.

  • AWS Support Center – The hub for creating and managing your AWS Support cases. Also includes links to other helpful resources, such as forums, technical FAQs, service health status, and AWS Trusted Advisor.

  • AWS Support – The primary webpage for information about AWS Support, a one-on-one, fast-response support channel to help you build and run applications in the cloud.

  • Contact Us – A central contact point for inquiries concerning AWS billing, account, events, abuse, and other issues.

  • AWS Site Terms – Detailed information about our copyright and trademark; your account, license, and site access; and other topics.