Getting Started with AWS Identity and Access Management (IAM)

Using AWS Identity and Access Management (IAM), you can specify who can access which AWS services and resources, and under which conditions. IAM is a feature of your AWS account and is offered at no additional charge. To get started using IAM or if you have already registered with AWS, go to the AWS Management Console.

How it works

With IAM, you define who can access what by specifying fine-grained permissions. IAM then enforces those permissions for every request. Access is denied by default and access is granted only when permissions specify an "Allow." 

How IAM works

IAM video sessions and demos

Learn key IAM concepts by watching expert-led sessions and demonstrations.

AWS re:Invent 2022 - Harness IAM policies & rein in permissions with IAM Access Analyzer (SEC313)
A least-privilege journey: AWS IAM policies and Access Analyzer (55:59)
AWS re:Invent 2022 - A day in the life of a billion requests (SEC404)
10 easy and effective ways to secure your AWS environment (31:19)
AWS re:Invent 2022 - Security alchemy: How AWS uses math to prove security (SEC310)
Getting started with IAM and AWS Identity (1:02:15)

IAM tutorials and other resources

IAM Editorial