AWS IAM is a global access management tool provided by AWS. It controls authentication and authorization, and consists of users, groups, permission policies, roles, MFA, SSO, etc. IAM policies are written in JSON and have elements such as Version, Sid, Statement, Action, Effect, Resource, and Condition. The evaluation logic of IAM policies involves three outcomes: implicit deny, explicit deny, and allow. Roles in IAM are entities with defined permissions that can be assumed by users or services. RBAC is the traditional role-based access control model, while ABAC is an attribute-based access control model that uses attributes of users, resources, and environments to determine access.
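The evaluation logic and the ABAC model described above can be seen in a small policy evaluator. This is an added example, not AWS code: it models identity-based policies only (no SCPs, permission boundaries or resource policies), supports only the StringEquals operator, and all function names, the sample policy and the ARNs are constructed for illustration.

```python
import re

def _listify(v):
    return v if isinstance(v, list) else [v]

def _glob(pattern, value, flags=0):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, flags) is not None

def _condition_ok(cond, ctx):
    # Simplification: only StringEquals. Keys are ANDed, values of a key ORed.
    for op, keys in cond.items():
        if op != "StringEquals":
            return False  # operator not modelled: statement treated as not matching
        for key, wanted in keys.items():
            # Resolve policy variables such as ${aws:PrincipalTag/team}.
            resolved = [re.sub(r"\$\{([^}]+)\}", lambda m: ctx.get(m.group(1), ""), w)
                        for w in _listify(wanted)]
            if ctx.get(key) not in resolved:
                return False
    return True

def _applies(stmt, action, resource, ctx):
    # Action names compare case-insensitively; resource ARNs do not.
    return (any(_glob(a, action, re.IGNORECASE) for a in _listify(stmt["Action"]))
            and any(_glob(r, resource) for r in _listify(stmt["Resource"]))
            and _condition_ok(stmt.get("Condition", {}), ctx))

def evaluate(policies, action, resource, ctx=None):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    ctx = ctx or {}
    decision = "ImplicitDeny"          # default when no statement matches
    for policy in policies:
        for stmt in _listify(policy["Statement"]):
            if not _applies(stmt, action, resource, ctx):
                continue
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"  # a matching Deny overrides any Allow
            decision = "Allow"
    return decision

# Constructed sample policy: ABAC-style Allow plus an unconditional Deny.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "OwnTeamInstances", "Effect": "Allow", "Action": "ec2:*",
     "Resource": "arn:aws:ec2:*:*:instance/*",
     "Condition": {"StringEquals": {"aws:ResourceTag/team": "${aws:PrincipalTag/team}"}}},
    {"Sid": "NeverTerminate", "Effect": "Deny",
     "Action": "ec2:TerminateInstances", "Resource": "*"},
]}
```

The Allow statement grants access only when the principal's team tag equals the resource's team tag, which is the attribute comparison ABAC relies on; the Deny statement wins regardless of tags.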