AWS Access Managed Quick
Use Cases and Deployment Scope
We use a number of services at AWS including S3, EC2, RDS, RedShift, Route53, and more. In order to safely secure these services. We use AWS Identity & Access Management to create service roles with the minimum needed access for all applications we run on these services. Additionally, we use AWS SSO to manage user access to these services.
Pros
- Customized access per key to limit scope
- Safely distributes access keys
- Provides access audits
Cons
- Better integration with roles and policies so you don't need three windows open to create a new IAM user
- Display recommended configurations based on services being used
- Easier options to base config on existing users
Likelihood to Recommend
AWS Identity & Access Management is well suited to managing AWS application access between services. Very helpful for both third-party products and in-house developed software. Very happy with how easy it is to create access keys and then share them in our environment. AWS IAM can also be used to manage individual users, but I highly recommend using AWS SSO for that purpose instead. Much easier to deploy for console access and from a security side easier to turn off in one click from your SSO provider.
