AWS IAM integration with Amazon EMR
The AWS Identity and Access Management (IAM) service assists in integrating authentication and authorization mechanisms on top of AWS services or APIs. You can use IAM users, groups, or roles to define permission policies.
In Amazon EMR, using IAM identity-based policies, you can define which IAM user, group, or role can access which specific resources and, on a specific resource, which actions are allowed or denied. You can also specify conditions on which basis a specific action on a resource is allowed, or not. Please note that Amazon EMR does not support resource-based policies.
The following are the three primary components of an IAM policy: