DEV Community

Cover image for πŸ” AWS IAM: Identity and Access Management Simplified
Md Sharjil Alam
Md Sharjil Alam

Posted on

πŸ” AWS IAM: Identity and Access Management Simplified

Hey Dev.to Family! πŸ‘‹

In this article, we'll explore AWS IAM (Identity and Access Management) β€” a foundational AWS service that helps you securely manage who can access your resources and what actions they can perform. If you're starting your AWS cloud journey, IAM is where it all begins.

πŸ“š Table of Contents

  1. What is IAM?
  2. Why Do We Need IAM?
  3. Key Components of IAM
  4. Hands-On IAM: Creating User, Group, and Permissions
  5. IAM Use Case Example
  6. Conclusion

πŸ›‘οΈ What is IAM?

IAM (Identity and Access Management) is a secure AWS service that allows you to:

  • Manage users, groups, roles, and policies
  • Control who can access what in your AWS account

Think of IAM as the security gatekeeper for your cloud infrastructure.

❓ Why Do We Need IAM?

IAM solves multiple security problems:

  • βœ… Granular access control (least privilege)
  • βœ… No need to share passwords
  • βœ… Temporary and limited access for apps and users

IAM makes your AWS environment secure, manageable, and scalable.

🧩 Key Components of IAM

πŸ‘€ 1. Users

  • Represents an individual person or app
  • Gets username, password, and/or access keys
  • Example: A developer who logs into AWS console

πŸ‘₯ 2. Groups

  • A collection of IAM users
  • You apply permissions to the group β€” all users in the group inherit them
  • Example: Development-Team group with EC2/S3 access

πŸ“œ 3. Policies

  • JSON documents that define permissions
  • Attached to users, groups, or roles 
{
  "Effect": "Allow",
  "Action": "s3:*",
  "Resource": "*"
}
Enter fullscreen mode Exit fullscreen mode

πŸ§‘β€πŸ’Ό 4. Roles

  • Used to grant temporary access
  • Best for EC2, Lambda, or cross-account access
  • No username or password β€” trust-based

πŸ› οΈ Hands-On IAM: Creating User, Group, and Permissions

Here’s a real-world setup:

  • πŸ‘€ User Created: test-user-101
  • πŸ‘₯ Group Created: Development-Team
  • πŸ“œ Policy Attached: AmazonEC2FullAccess, AmazonS3FullAccess
  • βœ… User added to group and inherited access

πŸ’» Screenshots:

AWS IAM console showing the user 'test-user-101' added to the 'Development-Team' group.
Adding our new user test-user-101 to the Development-Team group.

The 'Development-Team' group in AWS IAM showing the 'AmazonEC2FullAccess' and 'AmazonS3FullAccess' policies attached under the Permissions tab.
Verifying that the correct permissions are attached to the Development-Team group.

πŸ§ͺ IAM Use Case Example

Scenario: A developer needs access only to EC2 and S3.

πŸ› οΈ Steps:

  1. Create user dev-user
  2. Create group dev-team
  3. Attach S3 + EC2 policies to the group
  4. Add dev-user to dev-team

βœ… Now dev-user has access to EC2 and S3 β€” nothing else.

πŸ”„ Bonus: EC2 to S3 Access Using Roles

  • Create a role with AmazonS3FullAccess
  • Attach the role to an EC2 instance
  • EC2 now has temporary S3 access without access keys

πŸ“Œ Conclusion

IAM is not just an AWS service β€” it’s the foundation of cloud security.

With IAM, you gain:

  • πŸ” Better security control
  • 🧼 Clean access management
  • πŸ“ˆ Scalable permission model for teams and services

πŸ”— Let’s Connect!

🏷️ Tags:

#AWS #IAM #CloudSecurity #DevOps #TechBlog #SharjilLearnsCloud

Top comments (0)