AWS Identity and Access Management (IAM) Pros and Cons

Monitoring is one part which is very essentials eg, VPC flow logs, s3 logs, API logs, system logs with aggregators etc . But analysing the logs as centralized hub , security hub provides the context. Along side coming to compliance , macie with its AI ML models , able to identify PII in S3. More that these, custome logs can also be formatter into ASAF using services like Lamba intervined. Which threat own threat intelligence capablitiy and custom integration to SIEM solution offers visibility across the environment. Apart from service, aws provides a lot of resources for industary standards and that keeps us upto date and skilled. Support is alwasys a second option , as I get everything from easy documented materials. Day to day getting used, gave a clear explames of scenarios where I can act upon a breach or an event with the available service. which helped me to understand the risks and what security controls are needed. Review collected by and hosted on G2.com.

Image recongnikition where photocopies of Sensitive information are elsewhere, not sure where to get the docs. But with few service capablities, was able to do it. Review collected by and hosted on G2.com.

IAM has roles, policies and users which we can manage all in one place, I can allow some resource to access read write another resource or I can allow one user access to something or not. It helps a lot with access management while using lambda functions. Not every lambda has to have access to everything. It is very frequently used to give access to lambda functions. The integration is very easy it is directly attached using the console and needs policy names on SAM templates to give access. Review collected by and hosted on G2.com.

It is a sopisticated program, works all of the time, but writing custom policies and attaching inline policies could have been made easier with policy builders but you can do that already upto some extent. Implementation on SAM templates could have been easier. Review collected by and hosted on G2.com.

IAM makes access management very easy and enable it pod level and as well as application level. It gives better security to avoid unauthorised access. Review collected by and hosted on G2.com.

Nothing as such about IAM, very useful feature. Review collected by and hosted on G2.com.

I like the feature where you can create user groups so that you create a policy once and that can be applied to multiple users at once. One user can also belong to multiple groups which again makes it easier to assign different policies for the same user Review collected by and hosted on G2.com.

I personally felt the billing split for the users and the services they should be more detailed. I don't if it's the UI issue or the issue with feature itseld but sometimes I can't figure how to to exactly see how much a specific user has spent on a specific service Review collected by and hosted on G2.com.

Aws identity and Access Management(IAM) is easy to use and you can manage role, policies and permission via Management console as well as CLI. We can also integration third party identity provider. It provides detailed logging of user activity. Review collected by and hosted on G2.com.

AWS identity and Access Management(IAM) does not support application and SSO feature. It is only Limited to managing access to AWS resources. Also you can only create limited number of groups and users by default. It is Complex to set up and manage for larger organizations. Review collected by and hosted on G2.com.

AWS IAM provides and suit for managing users for your specific domain and organization, the best part is we can Give User based and Role based acess control to maintain security, AWS IAM makes easy to assign specific privileges to an user ,exept this AWS IAM have rich features like policy alocation and many more. Review collected by and hosted on G2.com.

sometimes aws IAM lacks support because of limited resources. they should improve it Review collected by and hosted on G2.com.

AWS cloud security provides better security and identity management which allows user for accessing the instances very easily Review collected by and hosted on G2.com.

need improvement in refresh rate in user interface. when we start to create AMI of instance its loading time may be reduced. Review collected by and hosted on G2.com.

IAM: AWS IAM provides fine-grained control over user permissions and supports multi-factor authentication (MFA), adding an extra layer of security.

Monitoring and threat detection are one of the best. I used services like Amazon GuardDuty and AWS Security Hub in our organization quite often. Review collected by and hosted on G2.com.

Integrating certain third-party security tools may pose challenges due to compatibility issues or the need for additional configuration.

Some users may find the AWS Cloud Security interface a bit confusing and not very user-friendly. Review collected by and hosted on G2.com.

We are using AWS Identity and Access Management (IAM) to provide granular access to work with AWS services to provide just the suitable access at all levels, it is easy to use and on console, even non-IT people are able to get it done, and a number of features are significant from user to a user group or policies for the level access that can be easily implemented and integrated with a number of services, and entry gate to AWS so it is frequently used. Review collected by and hosted on G2.com.

AWS IAM is a must-used service but as you work on it a number of AWS services are used it becomes complex and unmanaged and access issues are persistent because sometimes even after providing with significant level of access. AWS services won't work till you provide full access to that service which can't be security best practice. Only a limited number of policies ten or so can be attached to a user. Review collected by and hosted on G2.com.

AWS has good number of services which are best among all Cloud service providers for me like AWS Transist Gateway to support Hub and Spoke architecture, AWS WAF and Shield for L3,L4 & L7 attacks, AWS IAM, AWS Gurd duty, AWS Inspector etc Review collected by and hosted on G2.com.

AWS Shield advance service needs an improvement to protect from every type of DDoS attacks as it was failed twice to detect DDoS attacks and failed to protect our resources and systems where inaccessible during DDoS attack simulation Review collected by and hosted on G2.com.