IAM roles can help you manage user and application access to your MCS resources by using temporary security credentials for authentication instead of sharing long-term credentials. For example, you can create an IAM role that grants an application read and write permissions only to specific tables in your account. IAM roles can also be used to manage access for federated identities from a centralized identity provider, such as a corporate directory.
You can use IAM roles with MCS by using an authentication plugin for the open-source DataStax Java driver. The plugin enables you to add authentication information to your MCS API requests by using the Signature Version 4 Signing Process.
There is no additional cost to use the plugin, and support for the plugin is available in all AWS Regions where Amazon MCS is offered. Amazon MCS is available in preview in the US East (N. Virginia), US East (Ohio), EU (Stockholm), Asia Pacific (Tokyo), and Asia Pacific (Singapore) Regions.