AWS IAM User
Jump to navigation
Jump to search
An AWS IAM User is a system user associated to AWS account.
- Context:
- It can access an AWS Console through an IAM Users Sign-In Link, such as:
https://account-ID-or-alias.signin.aws.amazon.com/console
orhttps://gabromelli.signin.aws.amazon.com/console
.
- It can access an AWS Console through an IAM Users Sign-In Link, such as:
- Example(s):
gemelli
athttps://console.aws.amazon.com/iam/home?#/users/gemelli
.- …
- Counter-Example(s):
- See: IAM Role, AWS Federated User.
References
2016
- http://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_identity-management.html#intro-identity-users
- QUOTE: The "identity" aspect of AWS Identity and Access Management (IAM) helps you with the question "Who is that user?", often referred to as authentication. Instead of sharing your root account credentials with others, you can create individual IAM users within your account that correspond to users in your organization. IAM users are not separate accounts; they are users within your account. Each user can have its own password for access to the AWS Management Console. You can also create an individual access key for each user so that the user can make programmatic requests to work with resources in your account. …
… An IAM user doesn't have to represent an actual person; you can create an IAM user in order to generate an access key for an application that runs in your corporate network and needs AWS access. We recommend that you create an IAM user for yourself and then assign yourself administrative permissions for your account. You can then sign in as that user to add more users as needed. …
- QUOTE: The "identity" aspect of AWS Identity and Access Management (IAM) helps you with the question "Who is that user?", often referred to as authentication. Instead of sharing your root account credentials with others, you can create individual IAM users within your account that correspond to users in your organization. IAM users are not separate accounts; they are users within your account. Each user can have its own password for access to the AWS Management Console. You can also create an individual access key for each user so that the user can make programmatic requests to work with resources in your account. …
2016
- http://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
- QUOTE: …
- … Users often have multiple policies that apply to them (but aren't necessarily attached to them). For example, IAM user Bob could have policies attached to him, and other policies attached to the groups he's in. In addition, he might be accessing an Amazon S3 bucket that has its own bucket policy (resource-based policy). All applicable policies are evaluated and the result is always that access is either granted or denied. For more information about the evaluation logic we use, see IAM Policy Evaluation Logic. …