What is AWS IAM?
Who uses AWS IAM?
AWS IAM Integrations
Why developers like AWS IAM?
Here are some stack decisions, common use cases and reviews by companies and developers who chose AWS IAM in their tech stack.
In a 2015 AWS case study, Richard Crowley, Director of Operations said “with traditional IT, it would take weeks or months to contend with hardware lead times to add more capacity. Using AWS, we can look at user metrics weekly or daily and react with new capacity in 30 seconds.”
Slack needed to pick an infrastructure partner that could support the exponential growth they were experiencing. AWS is the cloud provider that supplied them with i2.xlarge Amazon Elastic Compute Cloud (Amazon EC2) instances for their LAMP stack, Amazon Simple Storage Service (Amazon S3) for user's file uploads and static assets, and ELB to Load Balance workloads across their EC2 instances.
For security, Slack went with Amazon Virtual Private Cloud (VPC) for controlling security groups and firewall rules and AWS Identity and Access Management (IAM) for controlling user credentials and roles.
In 2018, Slack signed an agreement with AWS to spend at least $50 million a year over five years, for a total of at least $250 million, according to the company’s filing with the SEC for a public stock listing (via CNBC)
AWS IAM's Features
- Manage IAM users and their access - You can create users in IAM, assign them individual security credentials (i.e., access keys, passwords, and Multi-Factor Authentication devices) or request temporary security credentials to provide users access to AWS services and resources.
- Manage IAM roles and their permissions - You can create roles in IAM, and manage permissions to control which operations can be performed by the entity, or AWS service, that assumes the role. You can also define which entity is allowed to assume the role.
- Manage federated users and their permissions - You can enable identity federation to allow existing identities (e.g. users) from your corporate directory or from a 3rd party such as Login with Amazon, Facebook, and Google to access the AWS Management Console, to call AWS APIs, and to access resources, without the need to create an IAM user for each identity.