Quando a gente usa a AWS qualquer coisa que fazemos passa pelo IAM, seja quando criamos uma instância...

AWS Builders's resource offers insights, tutorials, and resources for developers and architects building applications on Amazon Web Services (AWS). Readers can learn about AWS services, serverless architecture, and best practices for cloud-native development. With articles, tutorials, and reference architectures, AWS Builders provides  guidance and expertise for leveraging AWS to build scalable and cost-effective cloud applications.

AWS Builders

AWS IAM is a global access management tool provided by AWS. It controls authentication and authorization, and consists of users, groups, permission policies, roles, MFA, SSO, etc. IAM policies are written in JSON and have elements such as version, sid, statement, action, effect, resource, and condition. The evaluation logic of IAM policies involves an implicit deny, explicit deny, and allow. Roles in IAM are entities with defined permissions that can be assumed by users or services. RBAC is a traditional role-based access control model, while ABAC is an attribute-based access control model that uses attributes of users, resources, and environments to determine access.

AWS IAM — Identity and Access Management