Before we look at some of the recent enhancements made to IAM, here is a quick crash course on IAM for the uninitiated. AWS Identity and Access Management or IAM is a web service that provides secured access control mechanisms for all AWS services. You can use IAM to create users and groups, assigning users specific permissions and policies, and a lot more. The best part of all this is that IAM is completely FREE. Yup! Not a penny is required to use it.

Let's quickly look at some interesting features provided by AWS IAM:

• Multi-factor authentication: IAM allows you to provide two-factor authentications to users for added security. This means that now, along with your password, you will also have to provide a secret key/pin from a special hardware device, such as a hard token, or even from software apps such as Google Authenticator.
• Integration with other AWS products: IAM integrates with almost all AWS products and services and can be used to provide granular access rights and permissions to each service as required.
• Identity federation: Do you have an on-premise Active Directory already that has users and groups created? Not a problem, as IAM can be integrated with an on-premise AD to provide access to your AWS account using a few simple steps.
• Access mechanisms: IAM can be accessed using a variety of different tools, the most common and frequently used being the AWS Management Console. Apart from this, IAM can also be accessed via the AWS CLI, via SDKs that support different platforms and programming languages such as Java, .NET, Python, Ruby, and so on, and programmatically via a secured HTTPS API as well.

With the basics in mind, let us now look at some interesting and useful enhancements made to IAM in recent years.