IAM - Manage Users, Roles and Permissions

With the IAM service you can specify who can access which services and resources

▪ Create and manage AWS Users and Groups

▪ Assign policies (set of permissions)

Different Types of IAM Users

▪ Human Users

▪ System Users: for example, Jenkins needs permission to deploy Docker containers on AWS

Groups

▪ For granting access to multiple IAM users

IAM roles

▪ An IAM role is similar to an IAM user

▪ Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it

▪ Policies cannot be assigned to AWS services directly

▪ So a role is used to grant AWS services access to other AWS services

How to attach policies to an IAM role?

  1. Create IAM Role

  2. Assign Role to AWS Service

  3. Attach Policies to that IAM Role
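
The three steps above as an added example (not part of the original notes), assuming an EC2 instance that needs read access to one S3 bucket; the role name, bucket name and helper functions are hypothetical. It also checks both policy documents for open trust and wildcard grants before creating anything, which goes beyond the steps listed.

```python
import json

# Assumed scenario (not from the notes): EC2 instances that read one S3 bucket.
def _as_list(v):
    return v if isinstance(v, list) else [] if v is None else [v]

def trust_policy(service="ec2.amazonaws.com"):
    """Who may assume the role: only the named AWS service principal."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": {"Service": service},
        "Action": "sts:AssumeRole"}]}

def read_bucket_policy(bucket):
    """What the role may do: read one bucket, nothing else."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"]}]}

def findings(trust, perms):
    """Problems to fix before the role exists: open trust, wildcard grants."""
    out = []
    for st in trust["Statement"]:
        p = st.get("Principal")
        if p == "*" or (isinstance(p, dict) and "*" in _as_list(p.get("AWS"))):
            out.append("trust policy lets any principal assume the role")
    for st in perms["Statement"]:
        if st.get("Effect") != "Allow":
            continue
        if any(a == "*" or a.endswith(":*") for a in _as_list(st.get("Action"))):
            out.append("permissions policy grants a wildcard action")
        if "*" in _as_list(st.get("Resource")):
            out.append("permissions policy applies to every resource")
    return out

def create_ec2_role(iam, role_name, bucket):
    """Run the three steps against `iam`, a boto3 IAM client (or a stub)."""
    trust, perms = trust_policy(), read_bucket_policy(bucket)
    problems = findings(trust, perms)
    if problems:
        raise ValueError("; ".join(problems))
    # 1. Create the role; its trust policy names the service allowed to assume it.
    iam.create_role(RoleName=role_name, AssumeRolePolicyDocument=json.dumps(trust))
    # 2. Assign the role to the service: EC2 picks it up via an instance profile.
    iam.create_instance_profile(InstanceProfileName=role_name)
    iam.add_role_to_instance_profile(InstanceProfileName=role_name, RoleName=role_name)
    # 3. Attach the permissions policy (inline here) to the role.
    iam.put_role_policy(RoleName=role_name, PolicyName=f"{role_name}-read",
                        PolicyDocument=json.dumps(perms))
    return trust, perms
```

With real credentials, pass `boto3.client("iam")` as `iam`; the instance profile still has to be associated with an instance when it is launched or afterwards.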
