Each federated user, ie. a user which has joined the RosettaHUB through an institution, has a dedicated AWS account. As a user you access your AWS account via an IAM user that RosettaHUB has created for you at the creation of the account. The policies attached to the IAM user define your perimeter of actions.To keep users within their perimeter of actions, RosettaHUB does not give direct access to the IAM service. However you
You can create IAM users and roles from the RosettaHUB console and assign them bespoke policies.When you create an IAM user AWS console or cli. You can also create IAM users and roles from the RosettaHUB console, the platform creates a user which has the intersection of your policies with the custom policy that you have specified. A user that is created with an Admin policy will have the same rights as your default user.by default all users created from the RosettaHUB console have access to the AWS console, they can be easily shared and you can assign them bespoke IAM policies.
IAM users are useful if you want to give access to your account to other users or groups but with a and limit on what permissions they can do have on your AWS account. This allows you for example to give access to AWS to users who do not have an AWS account or to give access to a specific S3 buckets to a group of users.