March 26, 2026 - Use IAM Roles Anywhere to allow workloads that run outside of AWS, such as on-premises, hybrid, and multicloud environments, to access AWS resources by using X.509 digital certificates issued by your registered certificate authorities.

March 5, 2026 - AWS Identity and Access Management (IAM), AWS IAM Identity Center and AWS Security Token Service (AWS STS) are features of your AWS account offered at no additional charge. You are charged only when you access other AWS services using your IAM users or AWS STS temporary security credentials. IAM Access Analyzer external access analysis is offered at no additional charge. However, you will incur charges for unused access analysis and customer policy checks. For a complete list of charges and prices for IAM Access Analyzer, see IAM Access Analyzer pricing

2 days ago - Grant temporary security credentials for workloads that access your AWS resources using IAM and grant your workforce access with AWS IAM Identity Center.

3 weeks ago - Amazon EC2 service-linked roles can be used only for the following features: Spot Instance Requests, Spot Fleet Requests, Amazon EC2 Fleets, and Fast launching for Windows instances. Only some Amazon ECS actions support resource-level permissions. MediaPackage supports service-linked roles ...

2 weeks ago - AWS IAM enables you to securely control access to AWS services and resources for users. Click here to learn more about the features of AWS IAM. Read on!

4 weeks ago - In this workshop, learn how to use IAM Access Analyzer policy validation feature, build a CI/CD pipeline using AWS services, and incorporate IAM Access Analyzer policy validation checks into your CI/CD pipeline.

5 days ago - For a detailed tutorial that demonstrates how to use ABAC in AWS, see IAM tutorial: Define permissions to access AWS resources based on tags. IAM temporary delegation is a feature that enables Amazon and AWS Partners to request temporary, limited access to your AWS account to perform specific tasks on your behalf.

January 9, 2024 - Understanding IAM is essential for maintaining the security of your AWS environment. In this post, we’ll explore the core features of IAM, including users, groups, roles, policies, and identity federation.

5 days ago - Access workloads that run outside of AWS: You might have workloads running outside of AWS, such as on-premises, hybrid, and multicloud environments, that need access to your AWS resources. By using IAM Roles Anywhere, your applications outside of AWS can obtain temporary access to resources in your AWS environment.

Describes the AWS CLI commands that you can use to administer IAM. Provides syntax, options, and usage examples for each command. ... Provides a list of the actions, resources, and condition keys supported by each AWS service that can be used in an IAM policy.

You’ll see how IAM manages identities and permissions, learn about features like the IAM Identity Center, Access Analyzer, Policy Simulator, and Policy Generator, and even walk through simple examples using the AWS CLI and Terraform.

5 days ago - Passkeys and security keys are supported for root and IAM users in all AWS Regions, except the AWS China (Beijing) Region, operated by Sinnet, and the AWS (Ningxia) Region, operated by NWCD. For more information about enabling FIDO security keys, see Enabling a passkey or security key. Virtual authenticator apps implement the time-based one-time password (TOTP) algorithm and support multiple tokens on a single device. Virtual authenticators are supported for IAM users in the AWS GovCloud (US) Regions and in other AWS Regions.

4 weeks ago - You can assign user permissions based on common job functions and customize these permissions to meet your specific security requirements. IAM Identity Center also includes built-in integrations to AWS applications, such as AWS Analytics services, Amazon SageMaker Studio, AWS Systems Manager Change Manager, and many business applications, such as Salesforce, Box, and Microsoft 365.

August 1, 2024 - Integration with MFA: Strengthen security by requiring a second form of authentication for accessing AWS resources. Federation with external identities: Integrate external identity providers (e.g., Google, Active Directory) for centralized access management across your organization. Security at no extra cost: IAM is a free feature of AWS—meaning the only costs associated with IAM are related to the resources and services you use in AWS.

5 days ago - Attribute-based access control (ABAC): Use ABAC to define fine-grained permissions based on the attributes attached to IAM roles, such as departments and job roles. By granting access to individual resources based on attributes, you don't have to update policies for each new resource that you add in the future. For more information, see ABAC for AWS.

IAM also integrates with AWS CloudTrail, providing detailed logging and identity information to support auditing and compliance requirements. By taking advantage of these capabilities, you can help ensure that access to your critical AWS resources is tightly controlled and secure. You can grant other people permission to administer and use resources in your AWS account without having to share your password or access key.

AWS policies are based on six different criteria: identity, resources, permission boundaries, service control policies, access control lists and session policies. IT teams can attach multiple policies to each identity for more granular control.

Below are the most important IAM features that organizations rely on for secure and efficient cloud management: Fine-Grained Access Control Fine-grained access control is one of the core functionalities of IAM. Using IAM policies, you can precisely specify which AWS services and resources users ...

March 3, 2025 - With features like multi-factor authentication (MFA), centralized control, and the ability to share resources, IAM is key to protecting your cloud infrastructure and keeping things running smoothly.

July 8, 2024 - Secure your AWS environment with this comprehensive IAM guide. Learn how to manage users, groups, roles, and policies to control access and protect resources.