Amazon Managed Blockchain
Management Guide

Authentication and Access Control

AWS Identity and Access Management (IAM) permission policies, VPC endpoint services powered by PrivateLink, and Amazon EC2 security groups provide the primary means for you to control access to Amazon Managed Blockchain.

IAM permission policies are associated with AWS users in your account and determine who has access to what. Permission policies specify the actions that each user can perform using Managed Blockchain and other AWS services. VPC endpoint services allow each Managed Blockchain network member to connect privately to Managed Blockchain resources. Amazon EC2 security groups act as virtual firewalls and determine the inbound and outbound network traffic that is allowed between Managed Blockchain resources and other Amazon EC2 resources. In Managed Blockchain, these security groups are associated with the VPC endpoint in your account and with any framework clients that run on AWS—for example, a Hyperledger Fabric client running on an Amazon EC2 instance.

In addition to these AWS services, open-source frameworks that run on Managed Blockchain have authentication and access control features that you can configure.

Before you configure authentication and access control using AWS services and open-source features, we recommend that you review the following resources: