AWS Identity and Access Management (IAM)

Securely manage identities and access to AWS services and resources

Set and manage guardrails and fine-grained access controls for your workforce and workloads.

Manage identities across single AWS accounts or centrally connect identities to multiple AWS accounts.

Grant temporary security credentials for workloads that access your AWS resources.

Continually analyze access to right-size permissions on the journey to least privilege.

How it works

With AWS Identity and Access Management (IAM), you can specify who or what can access services and resources in AWS, centrally manage fine-grained permissions, and analyze access to refine permissions across AWS.
Use IAM to specify who can access resources across AWS
 Click to enlarge

Use cases

Apply fine-grained permissions and scale with attribute-based access control

Create granular permissions based on user attributes—such as department, job role, and team name—by using attribute-based access control.

Learn about attribute-based access control »

Manage per-account access or scale access across AWS accounts and applications

Manage per-account identities with IAM or use IAM Identity Center to provide multi-account access and application assignments across AWS.

Learn about centralizing identity and access management »

Establish organization-wide and preventative guardrails on AWS

Use service control policies to establish permissions guardrails for IAM users and roles, and implement a data perimeter around your accounts in AWS Organizations.

Learn about data perimeter guardrails »

Set, verify, and right-size permissions toward least privilege

Streamline permissions management and use cross-account findings as you set, verify, and refine policies on the journey toward least privilege.

Learn about the least-privilege journey »

How to get started

Learn security best practices in IAM

Help secure your AWS resources with IAM best practices.

Explore the documentation »

Get started with IAM

Define what users can access within your organization.

Learn more »

Connect with an expert

From development to enterprise-level programs, get the right support at the right time.

Explore support options »

Explore more of AWS