Description
A Local Individual User in AWS refers to a specific IAM (Identity and Access Management) user created within an AWS account. This user is directly managed in AWS and is not federated or linked to any external identity provider. Local individual users are often used for specific tasks or access scenarios where direct AWS management is required.
Features
- Direct Management: Managed directly within AWS, independent of external identity providers.
- Specific Access Policies: Can be assigned precise permissions and policies to control access.
- Credential Management: Supports management of access keys, passwords, and multi-factor authentication (MFA).
- Audit and Logging: Activities are logged and can be monitored via AWS CloudTrail for security and compliance.
- User-Specific Roles: Can assume specific IAM roles as required for different tasks.
Limitations
- Scalability: Not ideal for large-scale user management compared to federated solutions.
- Manual Maintenance: Requires manual management of user credentials and policies.
- Security Risks: Increased risk if credentials are not properly managed or secured.
- Limited Integration: Does not integrate with external identity providers, such as those federated through SAML or OAuth.
Use Cases
- Break Glass User: A specialized user for emergency access when federated authentication fails, ensuring critical access is maintained.
- Automated Processes: Service accounts for automated scripts or processes that need AWS access without human intervention.
- Temporary Access: Users who need temporary or project-based access to AWS resources, allowing for easy creation and deletion.
- Testing and Development: Developers and testers needing isolated access to specific AWS resources for development and testing purposes.