cloud-security

IAM Roles

Cloud IAM Roles

Definition

Cloud IAM roles are collections of permissions that can be assigned to cloud identities (users, groups, service accounts, or workloads) to control what actions they may perform on cloud resources. Unlike long-lived credentials, role-based access in cloud environments uses temporary credentials assumed via role assumption, eliminating static secret management.

Least-privilege role design — granting only the specific permissions needed — is the primary defense against privilege escalation in cloud environments.

Related Terms

CIEM

Cloud Infrastructure Entitlement Management

Permission Boundaries

IAM Permission Boundaries

IRSA

IAM Roles for Service Accounts

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product