Which service would you implement to define and organize user permissions, granting the necessary access to perform specific tasks without compromising on security?
Security Token Service (STS)
Identity and Access Management (IAM)
Key Management Service (KMS)
Simple Notification Service (SNS)