Where IAM controls access

Learn how AWS APIs work, what their role is, and what the IAM controls can access.

We'll cover the following

IAM controls access to AWS APIs only. While this is a broad surface, it does not contain everything.

Use of APIs in AWS

Writing an object to an S3 bucket is done through the API. Similarly, creating new buckets, changing the metadata of existing objects, and setting up bucket replication are all done through the API and thus protected by IAM.

Apart from S3, invoking Lambda functions, starting EC2 instances, getting a list of IAM users in the account is all done through their respective APIs.

Get hands-on with 1200+ tech skills courses.