AWS Identity and Access Management (IAM)
Securely manage identities and access to AWS services and resources
Set and manage guardrails and fine-grained access controls for your workforce and workloads.
Manage identities across single AWS accounts or centrally connect identities to multiple AWS accounts.
Grant temporary security credentials for workloads that access your AWS resources.
Continually analyze access to right-size permissions on the journey to least privilege.
How it works
Apply fine-grained permissions and scale with attribute-based access control
Create granular permissions based on user attributes—such as department, job role, and team name—by using attribute-based access control.
Learn about attribute-based access control »
Manage per-account access or scale access across AWS accounts and applications
Manage per-account identities with IAM or use IAM Identity Center to provide multi-account access and application assignments across AWS.
Establish organization-wide and preventative guardrails on AWS
Use service control policies to establish permissions guardrails for IAM users and roles, and implement a data perimeter around your accounts in AWS Organizations.
Set, verify, and right-size permissions toward least privilege
Streamline permissions management and use cross-account findings as you set, verify, and refine policies on the journey toward least privilege.
How to get started
Learn security best practices in IAM
Help secure your AWS resources with IAM best practices.
Get started with IAM
Define what users can access within your organization.
Connect with an expert
From development to enterprise-level programs, get the right support at the right time.