Differences between an IAM User and Role

The main differences between an IAM User and an IAM Role are:

  1. Identity Association:

    • An IAM User is uniquely associated with a single person or application.
    • An IAM Role is not associated with a specific person, but can be assumed by anyone who needs it.
  2. Credentials:

    • IAM Users have long-term credentials like a password or access keys.
    • IAM Roles do not have long-term credentials. Instead, they provide temporary security credentials when the role is assumed.
  3. Use Cases:

    • IAM Users are typically used for individual users or applications that require long-term access to AWS resources.
    • IAM Roles are used for scenarios where you want to grant temporary access to AWS resources, such as when an EC2 instance needs to access other AWS services.
  4. Permissions:

    • Both IAM Users and IAM Roles can be granted specific permissions using IAM policies.
    • The permissions for an IAM Role are defined by the policies attached to the role, and can be assumed by any entity that has been granted permission to do so.

Comments

Popular posts from this blog

Difference b/w General-purpose and a Directory bucket in Amazon S3

How to reduce the EBS snapshots storage cost

Difference between full snapshots and incremental snapshots

Snapshot storage tier types and cost difference

Where the EBS snapshot stores and snapshot charges

Key features of Amazon S3

Pros and cons of On-Demand, Reserved, Spot and Saving Plans EC2 instances

How burstable CPU performance works in T series EC2 instances

AWS Storage types