AWS Identity and Access Management is a web service that enables Amazon Web Services (AWS)customers to manage users and user permissions in AWS. The service is targeted at organizationswith multiple users or systems that use AWS products such as Amazon EC2, Amazon RDS, and theAWS Management Console. With IAM, you can centrally manage users, security credentials such asaccess keys, and permissions that control which AWS resources users can access. In addition tosupporting IAM user policies, some services support resource-based permissions, which let youattach policies to the service's resources instead of to IAM users or groups. Resource-basedpermissions are supported by Amazon S3, Amazon SNS, and Amazon SQS. The resource-levelpermissions service supports IAM policies in which you can specify individual resources using AmazonResource Names (ARNs) in the policy's Resource element. Some services support resource-levelpermissions only for some actions. Reference: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SpecificProducts.html