Summary
You should enforce the use of strong passwords by your users by creating a password policy in IAM. Ideally, you should also require multi-factor authentication (MFA).
Programmatic and command-line access to resources is authenticated using security credentials consisting of an access key ID and a secret access key. SSH access to EC2 Linux instances must be authenticated using a key pair generated by AWS—the private key must be installed on the client (user) computer.
You can efficiently control resource access for large numbers of users with different access needs through IAM groups. The principle of least privilege supports giving your users and groups only the minimum permissions they’ll need to do their jobs.
An IAM role is a set of permissions permitting access to a beneficiary process to a defined set of resources. This is an important tool for securely enabling functionality between parts of your AWS infrastructure.
You can review important information on...
