Skip to content
1. AWS Identity and Access Management (IAM)
AWS Identity and Access Management (IAM)
IAM Elements
IAM Authentication Methods
IAM Users
IAM Groups
IAM Roles
IAM Policy
Permission Boundary
IAM Policy Evaluation Logic
IAM Best Practices
Misc
Share
Explore

IAM Groups

Definition: A collection of IAM users. Policies can be attached to groups to manage permissions for multiple users simultaneously.
Characteristics
Non-Principal: A group itself is not an identity and cannot be identified as a principal in an IAM policy.
Permission Management: Groups are used to assign permissions to users collectively, simplifying management.
Best Practices
Least Privilege: Apply the principle of least privilege when assigning permissions to groups. Only grant permissions that are necessary for the group's function.
No Nesting: Groups cannot be nested (i.e., you cannot create groups within groups).
image.png

image.png
Want to print your doc?
This is not the way.
Try clicking the ··· in the right corner or using a keyboard shortcut (
CtrlP
) instead.