Understanding IAM in AWS

Need OF Identity Access Management/IAM?

If organization have less no of AWS account then management of those accounts is simple since it is easy to manage the logs and their workaround. Admin can easily perform changes but if organization have large no of AWS account of different departments then this task gets hectic so we need to create a admin for each and every department . So with every account we have different sets of keys. So here we have 2 approaches:

i. Simplest is to create login in each account and mange those changes but this is not an ideal approach.

ii. Creation of central entity and bind all the account with central entity. In central entity, we can implement access key and secret key. So addition or deletion of access key or user can be handled from here only. There is no need to visit each and every AWS account.

Central account is known as identity account.

What Is Identity Access Management/IAM?

IAM provides an approach to the organization where they can manage the different type of resource assigned to different type of users. IAM is…