IAM (Identity and Access Management)
Fresh
by Cloud identity, policy enforcement, and cross-account access controlSecurity and platform engineers who need fine-grained, auditable access control across AWS accounts and servicesFree tier
Policy-based identity and access control for all AWS services — users, roles, OIDC federation, permission boundaries, and Service Control Policies.
Features
Free Tier (12-month + always-free)all plansSavings Plans / Reserved Instancesall plansIAM Roles and Policy Engineall plansMulti-Region and Multi-AZ deploymentsall plansAWS Organizations and SCPsenterprise onlyAWS Control Tower (multi-account governance)enterprise onlyCloudFormation / CDK (IaC)all plansAWS CodePipeline / CodeBuild / CodeDeployall plansBedrock Agents (agentic AI orchestration)paid onlyBedrock Knowledge Bases (RAG)paid onlyLambda@Edge / CloudFront Functionspaid onlyAWS Marketplace (third-party software)all plansCloudWatch Logs Insights (log querying)paid onlyAWS GuardDuty (threat detection)paid onlyAWS Cost Explorer and Budgetsall plans
More from Amazon Web Services
- EC2 (Elastic Compute Cloud)
Virtual machine provisioning and lifecycle management
- S3 (Simple Storage Service)
Distributed object storage with HTTP API and lifecycle management
- Lambda
Serverless function execution with automatic scaling to zero
- RDS (Relational Database Service)
Managed RDBMS provisioning, patching, backup, and failover
- EKS (Elastic Kubernetes Service)
Managed Kubernetes control plane and node group orchestration
- CloudFront
Content delivery network with edge compute capabilities