AWS Identity and Access Management (IAM) now supports AWS PrivateLink in all commercial AWS Regions. With IAM, you can specify who or what can access services and resources in AWS by creating and managing resources such as IAM roles and policies. You can now establish private connection between your virtual private cloud (VPC) and IAM to manage IAM resources, helping you meet your compliance and regulatory requirements to limit public internet connectivity.
By using PrivateLink with IAM and with AWS Security Token Service (STS), which already supports PrivateLink, you can now manage your IAM resources such as IAM roles and request temporary credentials to access your AWS resources end to end without going through public internet. For more information about PrivateLink and IAM, please see the IAM User Guide.
Source:: Amazon AWS