Granting access to Amazon Location Service - Amazon Location Service

Granting access to Amazon Location Service

To use Amazon Location Service, a user must be granted access to the resources and APIs that make up Amazon Location. There are three strategies you can use to grant access to your resources.

  • Use IAM – To grant access to users authenticated with AWS IAM Identity Center (successor to AWS Single Sign-On) or AWS Identity and Access Management (IAM), create an IAM policy that allows access to the resources that you want. For more information about IAM and Amazon Location, see Identity and Access Management for Amazon Location Service.

  • (Preview) Use API keys – To grant access to unauthenticated users, you can create API Keys that give read-only access to your Amazon Location Service resources. This is useful in a case where you do not want to authenticate every user. For example, a web application. For more information about API keys, see (Preview) Allowing unauthenticated guest access to your application using API keys.


    For this preview, you can use API keys to give access only to map resources.

  • Use Amazon Cognito – An alternative to API keys is to use Amazon Cognito to grant anonymous access. Amazon Cognito allows you to create a richer authorization with policy to define what can be done by the unauthenticated users. For more information about using Amazon Cognito, see Allowing unauthenticated guest access to your application using Amazon Cognito.


    You can also use Amazon Cognito to use your own authentication process or to combine multiple authentication methods, using Amazon Cognito Federated Identities. For more information, see Getting Started with Federated Identities in the Amazon Cognito Developer Guide.