Identity and Access Control - Introduction to AWS Security

Identity and Access Control

AWS offers you capabilities to define, enforce, and manage user access policies across AWS services. These include:

  • AWS Identity and Access Management (IAM) lets you define individual user accounts with permissions across AWS resources AWS Multi-Factor Authentication for privileged accounts, including options for software- and hardware-based authenticators. IAM can be used to grant your employees and applications federated access to the AWS Management Console and AWS service APIs, using your existing identity systems, such as Microsoft Active Directory or other partner offering.

  • AWS Directory Service allows you to integrate and federate with corporate directories to reduce administrative overhead and improve end-user experience.

  • AWS Single Sign-On (AWS SSO) allows you to manage SSO access and user permissions to all of your accounts in AWS Organizations, centrally.

AWS provides native identity and access management integration across many of its services, plus API integration with any of your own applications or services.