Identity and access management for VPC Reachability Analyzer - Amazon Virtual Private Cloud

Identity and access management for VPC Reachability Analyzer

AWS Identity and Access Management (IAM) is an AWS service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use Reachability Analyzer resources. IAM is an AWS service that you can use with no additional charge.

To use VPC Reachability Analyzer, you need an AWS account and AWS credentials. To increase the security of your AWS account, we recommend that you use an IAM user to provide access credentials instead of using your AWS account credentials. For more information, see AWS account root user credentials vs. IAM user credentials in the Amazon Web Services General Reference and IAM best practices in the IAM User Guide.

For an overview of IAM users and why they are important for the security of your account, see AWS security credentials in the Amazon Web Services General Reference. For more information about working with IAM, see the IAM User Guide.

The following sections provide details on how an IAM administrator can use IAM to help secure your AWS resources, by controlling who can perform Reachability Analyzer actions.