You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
IAM users and groups are the primary way you grant people and applications access to your AWS account. Understanding how to create, organise, and manage them is fundamental to maintaining a secure environment.
An IAM user is an entity that represents a person or workload. When you create a user, you give it a unique name and assign it credentials so it can authenticate.
Each IAM user can have one or both types of access:
| Access Type | Used For | Credential |
|---|---|---|
| Console access | Signing in to the AWS Management Console via a web browser | Password |
| Programmatic access | Making API calls via the CLI, SDKs, or direct HTTP requests | Access key ID + Secret access key |
A user with console access can click through the AWS web interface. A user with programmatic access can run commands like aws s3 ls from a terminal. Many users — especially administrators — have both.
When creating a user, you should:
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.