Identity and access management in AWS CloudShell - AWS CloudShell

Identity and access management in AWS CloudShell

AWS Identity and Access Management (IAM) is an Amazon Web Services (AWS) service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use resources in AWS services. IAM is an AWS service that you can use with no additional charge.

To use AWS CloudShell to access AWS, you need an AWS account and AWS credentials. To increase the security of your AWS account, consider using an IAM user to provide access credentials instead of your own AWS account credentials.

For information about working with IAM, see AWS Identity and Access Management.

For an overview of IAM users and why they're important for the security of your account, see AWS Security Credentials in the Amazon Web Services General Reference.

AWS CloudShell follows the shared responsibility model through the specific Amazon Web Services (AWS) services that it supports. For AWS service security information, see the AWS service security documentation page and AWS services that are in scope of AWS compliance efforts by compliance program.


As a security best practice, we recommend that you don't include sensitive data in your IAM entities such as users, roles, or session names.