You may want to skip this section if you’re already familiar with IAM. However, if you’re unfamiliar with it, we recommended you equip yourself with some basic knowledge of the service because IAM is at the foundation of nearly everything you do with AWS.
Interactions with AWS require both:
AWS provides and uses a service called Identity and Access Management (IAM) to accomplish authentication and authorization.
IAM implements authentication with Principals, which are entities such as IAM users, federated users from Google, Facebook, etc, IAM roles, AWS accounts, and AWS services.
IAM implements authorization with JSON documents called Policies.
As you learn about IAM policies, you may start to fall asleep. In that case, put your study in PARC:
IAM principals use credentials to interact with AWS. Credentials are a pair of special strings called an access key ID and secret access key.