Authentication and Access Control - Amazon Managed Blockchain

Authentication and Access Control

AWS Identity and Access Management (IAM) permission policies, VPC endpoint services powered by AWS PrivateLink, and Amazon EC2 security groups provide the primary means for you to control access to Amazon Managed Blockchain. In addition to these AWS services, open-source frameworks that run on Managed Blockchain have authentication and access control features that you can configure.

IAM permission policies are associated with AWS users in your account and determine who has access to what. Permission policies specify the actions that each user can perform using Managed Blockchain and other AWS services. VPC endpoint services allow each Managed Blockchain network member to connect privately to Managed Blockchain resources. Amazon EC2 security groups act as virtual firewalls and determine the inbound and outbound network traffic that is allowed between Managed Blockchain resources and other Amazon EC2 resources. In Managed Blockchain, these security groups are associated with the VPC endpoint in your account and with any framework clients that run on AWS, such as a Hyperledger Fabric client running on an Amazon EC2 instance.

Before you configure authentication and access control using AWS services and open-source features, we recommend that you review the following resources: