🔐 AWS IAM (Identity and Access Management)

Md Sharjil Alam

Hey Hashnode Family! 👋
In this article, we'll explore AWS IAM (Identity and Access Management), a foundational AWS service that helps you securely manage who can access your resources and what actions they can perform. If you're starting your AWS cloud journey, IAM is where it all begins.


🛡️ What is IAM?

IAM (Identity and Access Management) is a secure AWS service that allows you to:

  • Manage users, groups, roles, and policies

  • Control who can access what in your AWS account

Think of IAM as the security gatekeeper for your cloud infrastructure.


❓ Why Do We Need IAM?

IAM solves multiple security problems:

  • ✅ Granular access control (least privilege)

  • ✅ No need to share passwords

  • ✅ Temporary and limited access for apps and users

IAM makes your AWS environment secure, manageable, and scalable.


🧩 Key Components of IAM

👤 1. Users

  • Represents an individual person or app

  • Gets username, password, and/or access keys

  • Example: A developer who logs into AWS console

👥 2. Groups

  • A collection of IAM users

  • You apply permissions to the group, and all users in the group inherit them

  • Example: Development-Team group with EC2/S3 access

📜 3. Policies

  • JSON documents that define permissions

  • Attached to users, groups, or roles

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": "*"
    }
  ]
}

🧑‍💼 4. Roles

  • Used to grant temporary access

  • Best for EC2, Lambda, or cross-account access

  • No username or password; access is trust-based


🛠️ Hands-On IAM: Creating User, Group, and Permissions

Here's a real-world setup:

  • 👤 User Created: test-user-101

  • 👥 Group Created: Development-Team

  • 📜 Policies Attached: AmazonEC2FullAccess, AmazonS3FullAccess

  • ✅ User added to group and inherited access

💻 Screenshots:

[Screenshot: AWS IAM console showing the user 'test-user-101' added to the 'Development-Team' group.]
Adding our new user test-user-101 to the Development-Team group.

[Screenshot: The 'Development-Team' group in AWS IAM showing the 'AmazonEC2FullAccess' and 'AmazonS3FullAccess' policies attached under the Permissions tab.]
Verifying that the correct permissions are attached to the Development-Team group.

🧪 IAM Use Case Example

Scenario: A developer needs access only to EC2 and S3.

🛠️ Steps:

  1. Create user dev-user

  2. Create group dev-team

  3. Attach S3 + EC2 policies to the group

  4. Add dev-user to dev-team

✅ Now dev-user has access to EC2 and S3, and nothing else.


🔄 Bonus: EC2 to S3 Access Using Roles

  • Create a role with AmazonS3FullAccess

  • Attach the role to an EC2 instance

  • EC2 now has temporary S3 access without long-term access keys stored on the instance


📌 Conclusion

IAM is not just an AWS service; it's the foundation of cloud security.

With IAM, you gain:

  • 🔐 Better security control

  • 🧼 Clean access management

  • 📈 Scalable permission model for teams and services


🏷️ Tags:

#AWS #IAM #CloudSecurity #DevOps #TechBlog #SharjilLearnsCloud

