Identity and Access Management in AWS DataSync - AWS DataSync

Identity and Access Management in AWS DataSync

AWS uses security credentials to identify you and to grant you access to your AWS resources. You can use features of AWS Identity and Access Management (IAM) to allow other users, services, and applications to use your AWS resources fully or in a limited way, without sharing your security credentials.

By default, IAM identities (users, groups, and roles) don't have permission to create, view, or modify AWS resources. To allow user, groups and roles to access AWS DataSync resources and interact with the DataSync console and API, you should use an IAM policy that grants permission to use the specific resources and API actions they will need. You then attach the policy to the IAM identity that requires access. For an overview of the basic elements for a policy, see Overview of Managing Access Permissions for DataSync.

The following sections provide details on how you can use AWS Identity and Access Management (IAM) and DataSync to help secure your resources by controlling who can access them:

We recommend that you read the these sections.