![\"file\"](\"https:\/\/www.fanyamin.com\/wordpress\/wp-content\/uploads\/2025\/01\/image-1736154180430.png\")
<\/p>\n<\/p>\n
The IAM service stores these resources. You can add, edit, and remove them from the IAM console.<\/p>\n
IAM resources that AWS uses for authentication. Specify the entity as a Principal in a resourcebased policy.<\/p>\n
The IAM resource that's authorized in policies to perform actions and to access resources.
\nIdentities include IAM users, IAM groups, and IAM roles.<\/p>\n
An AWS account root user, IAM user or an IAM role that can make a request for an action or
\noperation on an AWS resource. Principals include human users, workloads, federated users and
\nassumed roles. After authentication, IAM grants the principal either permanent or temporary
\ncredentials to make requests to AWS, depending on the principal type.<\/p>\n
Human users are also known as human identities, such as the people, administrators,
\ndevelopers, operators, and consumers of your applications.<\/p>\n<\/li>\n
Workloads are a collection of resources and code that delivers business value, such as an
\napplication, process, operational tools, and other components.<\/p>\n<\/li>\n
Federated users are users whose identity and credentials are managed by another identity
\nprovider, such as Active Directory, Okta, or Microsoft Entra.<\/p>\n<\/li>\n
IAM roles are an IAM identity that you can create in your account that has specific permissions
\nthat determine what the identity can and can't do. However, instead of being uniquely
\nassociated with one person, a role is intended to be assumable by anyone who needs it.<\/p>\n<\/li>\n<\/ul>\n
IAM grants IAM users and the root user long-term credentials and IAM roles temporary
\ncredentials. Federated users and users in AWS IAM Identity Center assume IAM roles when they
\nsign-in to AWS, which grants them temporary credentials.<\/p>\n
As a best practice, we recommend that you require human users and workloads to access AWS resources using temporary
\ncredentials.<\/p>\n","protected":false},"excerpt":{"rendered":"
IAM Resource The IAM service stores these resources. You can add, edit, and remove them from the IAM console. IAM user IAM group IAM role Permission policy Identity-provider object IAM Entity IAM resources that AWS uses for authentication. Specify the entity as a Principal in a resourcebased policy. IAM user IAM role IAM Identity The […] →Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1767","post","type-post","status-publish","format-standard","hentry","category-5"],"_links":{"self":[{"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1767"}],"collection":[{"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1767"}],"version-history":[{"count":2,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1767\/revisions"}],"predecessor-version":[{"id":1770,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/1767\/revisions\/1770"}],"wp:attachment":[{"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1767"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1767"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fanyamin.com\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1767"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}