aid: amazon-iam
name: Amazon IAM
description: Amazon Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely.
  Using IAM, you can create and manage AWS users, groups, roles, and policies, and use permissions to allow and deny their
  access to AWS resources. IAM is a feature of your AWS account offered at no additional charge.
type: Index
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
url: https://raw.githubusercontent.com/api-evangelist/amazon-iam/refs/heads/main/apis.yml
baseURL: https://iam.amazonaws.com
tags:
- Access Management
- Authentication
- Authorization
- AWS
- Identity
- Security
created: '2026-03-16'
modified: '2026-05-19'
specificationVersion: '0.19'
apis:
- aid: amazon-iam:aws-iam-api
  name: AWS IAM API
  description: The AWS IAM API provides programmatic access to manage users, groups, roles, policies, and access keys for
    securing access to AWS services and resources.
  humanURL: https://aws.amazon.com/iam/
  baseURL: https://iam.amazonaws.com
  tags:
  - Access Management
  - Authentication
  - Authorization
  - Identity
  - Security
  properties:
  - type: Documentation
    url: https://docs.aws.amazon.com/IAM/latest/APIReference/
  - type: OpenAPI
    url: openapi/amazon-iam-openapi.yml
  - type: APIReference
    url: https://docs.aws.amazon.com/IAM/latest/APIReference/
  - type: GettingStarted
    url: https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started.html
  - type: Pricing
    url: https://aws.amazon.com/iam/pricing/
  - type: FAQ
    url: https://aws.amazon.com/iam/faqs/
  - type: JSONSchema
    url: json-schema/amazon-iam-user-schema.json
  - type: JSONStructure
    url: json-structure/amazon-iam-user-structure.json
  - type: Example
    url: examples/amazon-iam-user-example.json
  - type: NaftikoCapability
    url: capabilities/amazon-iam-access-keys.yaml
  - type: NaftikoCapability
    url: capabilities/amazon-iam-groups.yaml
  - type: NaftikoCapability
    url: capabilities/amazon-iam-policies.yaml
  - type: NaftikoCapability
    url: capabilities/amazon-iam-roles.yaml
  - type: NaftikoCapability
    url: capabilities/amazon-iam-users.yaml
common:
- type: Portal
  url: https://aws.amazon.com/iam/
- type: Website
  url: https://aws.amazon.com/iam/
- type: Documentation
  url: https://docs.aws.amazon.com/IAM/latest/UserGuide/
- type: TermsOfService
  url: https://aws.amazon.com/service-terms/
- type: PrivacyPolicy
  url: https://aws.amazon.com/privacy/
- type: Support
  url: https://aws.amazon.com/support/
- type: Blog
  url: https://aws.amazon.com/blogs/security/
- type: GitHubOrganization
  url: https://github.com/aws
- type: Console
  url: https://console.aws.amazon.com/iam/
- type: SignUp
  url: https://portal.aws.amazon.com/billing/signup
- type: Login
  url: https://signin.aws.amazon.com/
- type: StatusPage
  url: https://health.aws.amazon.com/health/status
- type: YouTube
  url: https://www.youtube.com/user/AmazonWebServices
- type: StackOverflow
  url: https://stackoverflow.com/questions/tagged/amazon-iam
- type: Contact
  url: https://aws.amazon.com/contact-us/
- type: JSONLD
  url: json-ld/amazon-iam-context.jsonld
- type: SpectralRules
  url: rules/amazon-iam-spectral-rules.yml
- type: Vocabulary
  url: vocabulary/amazon-iam-vocabulary.yaml
- type: Features
  data:
  - name: User Management
    description: Create, manage, and delete IAM users with fine-grained permissions.
  - name: Role-Based Access Control
    description: Define IAM roles that can be assumed by users, services, or applications.
  - name: Policy Management
    description: Create and attach identity-based and resource-based policies to control access.
  - name: Multi-Factor Authentication
    description: Enable MFA for IAM users to add an extra layer of security.
  - name: Access Key Management
    description: Programmatically manage AWS access keys for long-term credentials.
  - name: Permission Boundaries
    description: Use permission boundaries to define the maximum permissions an entity can have.
  - name: Service Control Policies
    description: Centrally control the maximum available permissions across AWS accounts.
- type: UseCases
  data:
  - name: Least Privilege Access
    description: Grant only the permissions required for specific tasks to reduce the attack surface.
  - name: Cross-Account Access
    description: Enable users in one AWS account to assume roles in another account.
  - name: Service-to-Service Authorization
    description: Allow AWS services to access other services on your behalf through service roles.
  - name: Temporary Credentials
    description: Use STS to issue temporary security credentials for short-lived access.
  - name: Security Compliance
    description: Audit IAM configurations to ensure compliance with security policies and regulations.
- type: Integrations
  data:
  - name: AWS Organizations
    description: Apply Service Control Policies across multiple AWS accounts in an organization.
  - name: AWS CloudTrail
    description: Log all IAM API calls for auditing and compliance tracking.
  - name: AWS Config
    description: Monitor IAM configuration changes and evaluate compliance with rules.
  - name: AWS Security Hub
    description: Centralize IAM security findings with other AWS security services.
  - name: Amazon Cognito
    description: Federate Cognito user pool identities with IAM roles for application access.
- type: Integrations
  url: https://aws.amazon.com/marketplace
integrations:
- name: Sign in
- name: Agent Mode
- name: Why AWS Marketplace?
- name: Get started in AWS Marketplace
- name: Industry
- name: Resources
- name: Become a Channel Partner
- name: Sell in AWS Marketplace
- name: Manage Your Account
maintainers:
- FN: Kin Lane
  email: kin@apievangelist.com