Cloud IAM is a distributed access control framework that governs who (identity) can perform what actions (authorization) on which resources across multi-cloud and hybrid environments. It enforces least privilege, enables centralized policy management, and secures both human and non-human identities through authentication protocols, role assignments, and continuous verification. Modern IAM integrates zero trust principles, treating every access request as potentially hostile until cryptographically verified, and shifts from static permission models to attribute-based and policy-as-code approaches that adapt to context, risk signals, and organizational boundaries. Understanding IAM deeply means recognizing that identity is the new perimeter—protecting resources no longer relies on network boundaries but on proving, granting, and auditing every identity interaction across the software supply chain.