Identity and access management in AWS CloudShell
AWS Identity and Access Management (IAM) is an Amazon Web Services (AWS) service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use resources in AWS services. IAM is an AWS service that you can use with no additional charge.
To use AWS CloudShell to access AWS, you need an AWS account and AWS credentials. To increase the security of your AWS account, consider using an IAM user to provide access credentials instead of your own AWS account credentials.
For information about working with IAM, see AWS Identity and Access Management
For an overview of IAM users and why they're important for the security of your account, see AWS Security Credentials in the Amazon Web Services General Reference.
AWS CloudShell follows the shared responsibility model
As a security best practice, we recommend that you don't include sensitive data in your IAM entities such as users, roles, or session names.
Topics