Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS Identity and Access Management Documentation

AWS Identity and Access Management (IAM) is a web service for securely controlling access to AWS services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which AWS resources users and applications can access.

IAM

  1. Introduces you to AWS Identity and Access Management, helps you set up users and groups, and shows you how to protect your resources with access control policies. Also shows how to connect to other identity services to grant external users access to your AWS resources.
  2. Describes all the API operations for AWS Identity and Access Management in detail. Also provides sample requests, responses, and errors for the supported web services protocols.
  3. Describes the AWS CLI commands that you can use to administer IAM. Provides syntax, options, and usage examples for each command.
  4. Provides a list of the actions, resources, and condition keys supported by each AWS service that can be used in an IAM policy.
  5. Provides details of AWS managed policies. Use these policies, created and administered by AWS, to assign permissions to users, groups, and roles.

STS

  1. Describes all the API operations for AWS STS in detail. Also provides sample requests, responses, and errors for the supported web services protocols.
  2. Describes the AWS CLI commands that you can use to generate temporary security credentials. Provides syntax, options, and usage examples for each command.

IAM Access Analyzer

  1. Describes the API operations for IAM Access Analyzer. Also provides sample requests, responses, and errors for the supported web services protocols.
  2. Describes the AWS CLI commands that you can use to administer IAM Access Analyzer. Provides syntax, options, and usage examples for each command.

IAM Roles Anywhere

  1. Provides conceptual overviews of IAM Roles Anywhere and explains how to use it.
  2. Describes the API operations for IAM Roles Anywhere. Also provides sample requests, responses, and errors for the supported web services protocols.
  3. Describes the AWS CLI commands that you can use to administer IAM Roles Anywhere. Provides syntax, options, and usage examples for each command.

Best Practices

Use best practice guidance from AWS experts—AWS Solutions Architects, Professional Services Consultants, and Partners—to develop your architecture.
  1. Learn how to meet your security and compliance goals using AWS infrastructure and services.
    • Learn about the best practices for using IAM to help secure your AWS resources.
      PrivacySite termsCookie preferences
      © 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.