- Allows you to manage users and their level of access to the AWS Console.
- It is used to set users, permissions and roles. It allows you to grant access to the different parts of the aws platform.
- PAM and IAM are not the same. Whilst PAM protects users with privileged access to sensitive data, IAM deals with a business's everyday users.
- Users - End users
- Groups - Collection of users under one set of permissions (Admins, HR, etc.)
- Policies - Document that defines one or more permissions. Apply policies to users, groups, and roles
- Centralized control of AWS account
- Shared access to AWS account
- Granular permissions
- Identify Federation (AD, FB, LinkedIn, etc.)
- Multifactor Authentication
- Provide temporary access for users/devices/services
- Allows you to setup password rotation policy
- Integrates with many services
- Supports PCI DSS Compliance
No comments:
Post a Comment