Glossary

IAM

Identity and Access Management. The cloud subsystem that decides who can do what to which resources.

Definition

Every cloud provider has an IAM service: AWS IAM, Azure RBAC plus Microsoft Entra ID, GCP IAM. These services hold the identities (users, service accounts, federated principals) and the policies that grant them permissions on cloud resources.

IAM is the highest-value target in a cloud breach. Privilege escalation via role assumption (T1548.005), credential theft via metadata-service abuse (T1552.005), and persistence via additional cloud credentials (T1098.001) all flow through the IAM control plane and surface in cloud audit logs as IAM API calls. DCV maps a substantial fraction of its coverage to IAM-derived findings.
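Because the techniques above surface in the audit log as IAM control-plane API calls, a first-pass triage can be written against the log records themselves. The following is an added example, not DCV's code or any provider's SDK: it parses CloudTrail-style JSON (the `eventSource`, `eventName` and `userIdentity` fields are real CloudTrail fields; the records themselves are constructed), keeps only calls to the IAM and STS control plane, and tags the ones that match the technique IDs named in this entry. The choice of which event names map to which ID is this example's assumption, following the entry's own descriptions (role assumption for T1548.005, new credentials for T1098.001).

```python
import json

# Constructed CloudTrail-style records for this example; not real log data.
# Field names follow the CloudTrail record format; the values are made up.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventSource": "sts.amazonaws.com", "eventName": "AssumeRole",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/dev-alice"},
     "requestParameters": {"roleArn": "arn:aws:iam::123456789012:role/AdminRole"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateAccessKey",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/AdminRole/session1"},
     "requestParameters": {"userName": "backup-svc"},
     "sourceIPAddress": "203.0.113.10"},
    {"eventSource": "iam.amazonaws.com", "eventName": "ListUsers",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/auditor"},
     "sourceIPAddress": "198.51.100.7"},
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/dev-alice"},
     "sourceIPAddress": "203.0.113.10"},
]})

# Services whose API calls constitute the IAM control plane in CloudTrail.
IAM_CONTROL_PLANE = {"iam.amazonaws.com", "sts.amazonaws.com"}

# Assumed mapping (this example's, not an official one) from (eventSource, eventName)
# to the ATT&CK technique IDs the glossary entry associates with IAM abuse.
TECHNIQUE_BY_CALL = {
    ("sts.amazonaws.com", "AssumeRole"): "T1548.005",        # privilege escalation via role assumption
    ("iam.amazonaws.com", "CreateAccessKey"): "T1098.001",   # persistence via additional cloud credentials
    ("iam.amazonaws.com", "CreateLoginProfile"): "T1098.001",
}


def parse_records(raw):
    """Parse a CloudTrail-style JSON document and return its list of records."""
    return json.loads(raw).get("Records", [])


def is_iam_control_plane(event):
    """True when the call went to the IAM or STS control plane."""
    return event.get("eventSource") in IAM_CONTROL_PLANE


def classify_event(event):
    """Return the technique ID this call maps to, or None if it is an unmapped IAM call."""
    return TECHNIQUE_BY_CALL.get((event.get("eventSource"), event.get("eventName")))


def triage(records):
    """Reduce a batch of records to IAM control-plane findings, in log order.

    Each finding carries the caller, the call, and the technique ID (None for
    IAM activity that is visible but not mapped to a technique here).
    """
    findings = []
    for ev in records:
        if not is_iam_control_plane(ev):
            continue  # data-plane calls (S3, EC2, ...) are out of scope for this pass
        findings.append({
            "principal": ev.get("userIdentity", {}).get("arn"),
            "principal_type": ev.get("userIdentity", {}).get("type"),
            "call": f'{ev.get("eventSource")}:{ev.get("eventName")}',
            "source_ip": ev.get("sourceIPAddress"),
            "technique": classify_event(ev),
        })
    return findings


def technique_ids(findings):
    """Distinct technique IDs seen, in first-seen order, ignoring unmapped calls."""
    seen = []
    for f in findings:
        if f["technique"] and f["technique"] not in seen:
            seen.append(f["technique"])
    return seen


if __name__ == "__main__":
    for f in triage(parse_records(SAMPLE_LOG)):
        print(f)
```

Run against the constructed batch, `triage` drops the S3 call, keeps the three IAM/STS calls, and tags the AssumeRole and CreateAccessKey records with T1548.005 and T1098.001 while leaving ListUsers as an unmapped IAM call. In practice the mapping table is where coverage lives: every IAM event name a detection engineer leaves out of it is an IAM-derived finding that never appears.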

Sources
  • AWS IAM user guide, https://docs.aws.amazon.com/IAM/latest/UserGuide/
  • Azure RBAC docs, https://learn.microsoft.com/azure/role-based-access-control/
  • GCP IAM docs, https://cloud.google.com/iam/docs
Last verified: 2026-04-24