Identity and Access Management (IAM) refers to processes and systems used to manage and control access to resources within a cloud computing environment. In AWS and Google Cloud this is simply called IAM; in Azure, it is called Active Directory.
IAM covers the way user accounts are created and managed (within an organization's larger cloud account); assigning permissions and privileges to users; and enforcing access controls that dictate which users have access to specific resources. IAM also includes authentication – i.e., verifying the identity of users as a precondition for allowing access to certain resources.
IAM is used to protect sensitive data from unauthorized access or alteration. It also plays a key role in meeting regulatory and compliance requirements, such as the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS).