Identity and Access Management for Amazon EC2 Auto Scaling
AWS Identity and Access Management (IAM) is an AWS service that helps an administrator securely control access to AWS resources. IAM administrators control who can be authenticated (signed in) and authorized (have permissions) to use Amazon EC2 Auto Scaling resources. IAM is an AWS service that you can use with no additional charge.
To use Amazon EC2 Auto Scaling, you need an AWS account and your security credentials for signing into your account. For more information, see AWS security credentials in the IAM User Guide.
For complete IAM documentation, see the IAM User Guide.
Access control
You can have valid credentials to authenticate your requests, but unless you have permissions you cannot create or access Amazon EC2 Auto Scaling resources. For example, you must have permissions to create Auto Scaling groups, launch instances with launch templates, and so on.
The following sections provide details on how an IAM administrator can use IAM to help secure your Amazon EC2 Auto Scaling resources, by controlling who can perform Amazon EC2 Auto Scaling actions.
We recommend that you read the Amazon EC2 topics first. See Identity and access management for Amazon EC2 in the Amazon EC2 User Guide. After reading the topics in this section, you should have a good idea what access control permissions Amazon EC2 offers and how they can fit in with your Amazon EC2 Auto Scaling resource permissions.
Topics
- How Amazon EC2 Auto Scaling works with IAM
- Amazon EC2 Auto Scaling API permissions
- AWS managed policies for Amazon EC2 Auto Scaling
- Service-linked roles for Amazon EC2 Auto Scaling
- Amazon EC2 Auto Scaling identity-based policy examples
- Cross-service confused deputy prevention
- Control Amazon EC2 launch template usage in Auto Scaling groups
- IAM role for applications that run on Amazon EC2 instances