AWS Identity and Access Management

AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources for your users. You use IAM to control who can use your AWS resources (authentication) and what resources they can use and in what ways (authorization).

In other words, or rather a simpler definition of IAM is as follows:

AWS IAM allows you to control who can take what actions on which resources in AWS.

IAM manages users (identities) and permissions (access control) for all AWS resources. It is offered free of charge, so you don't have to pay to use IAM. It provides you greater control, security, and elasticity while working with AWS cloud.

IAM gives you the ability to grant, segregate, monitor, and manage access for multiple users inside your organization or outside of your organization who need to interact with AWS resources such as Simple Storage Service (S3) or Relational Database Service (RDS) in your AWS account. IAM integrates with AWS CloudTrail, so you can find information in logs about requests made to your resources in your AWS account; this information is based on IAM identities.

IAM is a centralized location for controlling and monitoring access control for all the resources in your AWS account.