IAM (Identity and Access Management) yana sarrafa wane zai iya yin abin da a AWS — sarrafa masu amfani, ƙungiyoyi, raina, da ikon. Yana da mahimmanci ga tsaron AWS: kowane aiki ana ba da izini ta hanyar IAM, saboda haka fahimtar shi yana da mahimmanci.
Abin da IAM ke sarrafa
IAM controls AUTHENTICATION (who you are) and AUTHORIZATION (what you can do):
USERS → individual identities (people or applications) with credentials
GROUPS → collections of users (assign permissions to a group → all its users get them)
ROLES → identities ASSUMED temporarily (by users, services, or AWS resources)
— no permanent credentials; key for services/cross-account access
POLICIES → JSON documents defining PERMISSIONS (what actions on what resources)
