# Authentication and authorization
<a name="authentication"></a>

AWS Identity and Access Management (IAM) provides fine-grained access control across the entire AWS platform. You can use IAM to specify who can access which services and resources, and under which conditions. IAM policies let you manage permissions to your workforce and systems to ensure least privilege permissions. [Least privilege](https://docs.aws.amazon.com/wellarchitected/latest/framework/sec-design.html) is an AWS Well-Architected Framework best practice for building securely in the cloud. 

The following sections explain how you can use IAM and Amazon Cognito in your authentication, authorization, and user management tasks.

**Topics**
+ [Using IAM in development environments](iam-development.md)
+ [Using IAM in production environments](iam-production.md)
+ [Using Amazon Cognito](cognito.md)