*By Mahmoud AbuAwd / AI/ML Engineer / LinkedIn Profile : https://www.linkedin.com/in/mahmoud-abuawd-247290225/*
IAM: Introduction
AWS Identity and Access Management (IAM) is used to control who can do what in your AWS account. It helps manage users, groups, and roles, and lets you create fine-tuned access rules.
IAM Basics
- IAM is a global service: it works across all AWS regions.
- When you first create an AWS account, a root user is made. Don't use or share this root account! It has full access to everything.
Users, Groups, and Roles
- Users are individual people or apps that need access.
- Groups are collections of users. (Groups can't contain other groups.)
- Roles are like temporary identities used by services, apps, or even other AWS accounts.
Users can belong to multiple groups, and groups help simplify permission management.
Permissions and Policies
- Permissions are defined using policies.
- A policy is a JSON document that says what actions are allowed or denied.
Principle of Least Privilege
Only give users the exact permissions they need: nothing more, nothing less.