Category: AWS Identity and Access Management (IAM)

Recently, AWS launched managed policies, which simplify policy management by enabling you to attach a single policy to multiple AWS Identity and Access Management (IAM) entities such as users, groups, and roles. When you update a managed policy, the permissions in that policy apply to every entity to which the managed policy is attached. We […]

AWS recently announced a new feature of AWS Identity and Access Management (IAM): managed policies. Managed policies enable you to attach a single policy to multiple IAM users, groups, and roles (in this blog post referred to collectively as “IAM entities”). When you update a managed policy, the permissions in that policy apply to every […]

Last month, the AWS Security Blog encouraged you to adhere to AWS Identity and Access Management (IAM) best practices. One of these best practices is to lock away your AWS account (root) access keys and password, and not use them for day-to-day interaction with AWS. In fact, when it comes to your root account access […]

As another new year begins, we want to encourage you to be familiar with recommended AWS Identity and Access Management (IAM) best practices. Following these best practices can help you maintain the security of your AWS account. You can learn more by watching the IAM Best Practices presentation that was given by Anders Samuelsson at […]

Today, we made it possible for you to enable a user to switch roles directly in the AWS Management Console to access resources across multiple AWS accounts—while using only one set of credentials. Previously, as Anders discussed in his blog post, Delegating API Access to AWS Services Using IAM Roles, you could delegate access to […]

Several weeks ago, we released documentation for the AWS Identity and Access Management (IAM) policy grammar and published a back-to-school policy grammar blog post to let you know of common errors in policies. To help you ensure that your policies match your intentions, we are taking policy validation a step further. Starting March 2015, any new or updated policy must […]

When you need to grant access to your AWS resources to a third party, we recommend you do so using an IAM role with external ID. In this post, Josh Bean, a programmer writer on the AWS Identity and Access Management (IAM) team, walks you through a scenario to show you how. At times, you […]

Do you analyze, audit, or monitor your AWS Identity and Access Management (IAM) settings? If so, you will be happy to hear we’ve simplified the way you can retrieve a snapshot of your IAM settings. Today we’re making it easier for you to build tools to analyze, monitor, and audit your IAM entities (i.e., users, […]

Recently, the AWS Support Center moved to the AWS Management Console. In addition to providing a better user experience, it enabled another important feature – federated access. Users in your company can now use their existing credentials to access the AWS Support Center for actions like creating a case, looking at the case history, or […]

Have you ever had to create access policies for users, groups, roles, or resources and wished you could learn more about the policy language? If so, you’ve come to the right place. In this blog, I’ll describe the attributes and structure of the Identity and Access Management (IAM) policy language. I’ll also include examples that […]