IAM stands for Identity and Access Management, it is one of the important services offered by AWS.
It helps the organizations to create users and groups, also manages access to the users and groups by assigning the policies.
In simple words it defines, WHO CAN ACCESS, WHAT in your AWS organization.
IAM provides Identity to each user and groups and logs all the activities, to analyze to access activities.
IAM provides security and minimizes the risk by managing the accesses to users groups.
The permissions that are defined and assigned to a user or a group are policies.
Single user can be part of multiple groups.
The permissions that are assigned to a user have no effect on his group permissions and vice-versa. That is, even if he has the admin access as a user, he will not be allowed use that in his group.
Groups contains only users, not other groups.
Thank you for reading. #aws #devops #automation