AWS Identity and Access Management (AWS IAM) is a foundational security service on AWS which enables you centrally manage who or what can access your AWS account and actions are permitted.
This service allows you to create identities (also known as principals) and then define policies (permissions) for those principals. This important feature means you can define granular permissions and ensure that your principals are granted permissions following the principle of least privilege. The service also allows you to define access methods for your identities, an account-wide password policy definition, set up multi-factor authentication and configure identity federation.
Watch the video here: