AWS Identity and Access Management (IAM) Resources

Documentation

IAM user guide

This guide introduces you to IAM by explaining IAM features that help you apply fine-grained permissions in AWS. The guide shows you how to grant access by defining and applying IAM policies to roles and resources. Additionally, this guide explains how IAM works and how you can use IAM to control access for your users and workloads. 

HTML | PDF | Kindle

AWS STS API Reference

This AWS Security Token Service (AWS STS) documentation describes the API operations for you to programmatically assume roles in AWS. The documentation also provides sample requests, responses, and errors for the supported web service protocols.

HTML


This IAM section of the AWS CLI Command Reference describes the AWS CLI commands you can use to administer IAM. The section also provides syntax, options, and usage examples for each command.

This AWS STS section of the AWS CLI Command Reference documentation describes the AWS CLI commands that you can use to generate temporary security credentials. The section also provides syntax, options, and usage examples for each command.

The IAM API Reference describes in detail all the API operations for IAM. This documentation also provides sample requests, responses, and errors for the supported web services protocols.
 

Other resources

Sample code and libraries: IAM-related sample code

Developer tools: Command line and GUI-based tools for use with IAM APIs

IAM discussion forum: Discussion forum for IAM-related topics

Videos

Screenshot from Brigid Johnson's SEC324 session at AWS re:Invent 2021

AWS re:Inforce 2022 - Security best practices with AWS IAM (IAM201)

IAM is an essential service that helps you securely control access to your AWS resources. In this session, learn about IAM best practices like working with temporary credentials, applying least-privilege permissions, moving away from users, analyzing access to your resources, and validating policies. Leave this session with ideas for how to secure your AWS resources in line with AWS best practices.

Screenshot from Brigid Johnson's SEC324 session at AWS re:Invent 2021
 
Building secure applications and workloads on AWS means knowing your way around IAM. This session is geared toward the curious builder who wants to learn practical IAM skills for defending workloads and data, with a technical, first-principles approach.
Screenshot from Brigid Johnson's SEC324 session at AWS re:Invent 2021

AWS Identity, Security, and Compliance videos - AWS re:Invent 2021

Useful and instructive videos covering a variety of AWS Identity, Security, and Compliance topics.

Screenshot from Brandon Wu's IAM Access Analyzer video
 
Implementing the principle of least privilege is often considered a journey, and a confident journey should have a map. This session proposes such a map by considering relevant design principles and mental models that can accelerate your journey to least privilege. The session also reviews successful patterns that organizations use, including policy generators and policy reducers, to support the journey.
Screenshot from Brandon Wu's IAM Access Analyzer video
 
Session videos from AWS re:Inforce 2022 that cover identity and access management topics from validating IAM policies at scale to identity-centric security to designing a well-architected identity and management solution.
Screenshot from Brandon Wu's IAM Access Analyzer video
 
Videos about IAM Access Analyzer, which uses automated reasoning to determine all possible access paths allowed by a resource-based policy.

Blog posts

Date
  • Date
1

We could not find any IAM blog posts at this time. See the AWS Blog for additional content.

Learn more about IAM

Read the FAQs
Ready to build?
Get started with IAM
Have more questions?
Contact us