Identity and access management in AWS CloudShell

AWS Identity and Access Management (IAM) is an Amazon Web Services (AWS) service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use resources in AWS services. IAM is an AWS service that you can use with no additional charge.

To use AWS CloudShell to access AWS, you need an AWS account and AWS credentials. To increase the security of your AWS account, consider using an IAM user to provide access credentials instead of your own AWS account credentials.

For information about working with IAM, see AWS Identity and Access Management.

For an overview of IAM users and why they're important for the security of your account, see AWS Security Credentials in the Amazon Web Services General Reference.

AWS CloudShell follows the shared responsibility model through the specific Amazon Web Services (AWS) services that it supports. For AWS service security information, see the AWS service security documentation page and AWS services that are in scope of AWS compliance efforts by compliance program.

Warning

As a security best practice, we recommend that you don't include sensitive data in your IAM entities such as users, roles, or session names.

Topics

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Data encryption

Audience