Technology
AWS IAM | Users , Roles, Groups, Policies | Learn With Sandip
Learn About AWS Identity and Access Management (IAM)
Master IAM Policy: https://www.youtube.com/watch?v=YQsK4MtsELU&ab_channel=AmazonWebServices
IAM Cheatsheet: https://www.youtube.com/watch?v=YQsK4MtsELU&ab_channel=AmazonWebServices
IAM points to remember by Piyush Jalan
1. IAM supports identity federation for delegated access to the AWS Management Console or AWS APIs.
2. With identity federation, external identities are granted secure access to resources in AWS account without having to create IAM users.
3. AWS SSO endpoint supports the IdP-initiated HTTP-POST binding WebSSO SAML Profile.
4. Users can programmatically request temporary security credentials for their federated users to provide them secure & direct access to AWS APIs.
5. There is no limit to the number of federated users who can be given access to the console.
6. Web identity federation allows users to create AWS-powered mobile apps that use public identity providers.
7. Using the temporary security credentials users get in the AssumeRoleWithWebidentity response, their app makes signed requests to AWS APIs.
8. In case of session time out, user is presented with a message stating that the console session has timed out and that they need to request a new session.
9. For GetFederationToken and GetSessionToken, users can specify a session limit between 15 minutes and 36 hours .
10. For AssumeRole* APIs, users can specify a session limit between 15 minutes and 12 hours.
#aws #iam #cloud #sandipdas
Master IAM Policy: https://www.youtube.com/watch?v=YQsK4MtsELU&ab_channel=AmazonWebServices
IAM Cheatsheet: https://www.youtube.com/watch?v=YQsK4MtsELU&ab_channel=AmazonWebServices
IAM points to remember by Piyush Jalan
1. IAM supports identity federation for delegated access to the AWS Management Console or AWS APIs.
2. With identity federation, external identities are granted secure access to resources in AWS account without having to create IAM users.
3. AWS SSO endpoint supports the IdP-initiated HTTP-POST binding WebSSO SAML Profile.
4. Users can programmatically request temporary security credentials for their federated users to provide them secure & direct access to AWS APIs.
5. There is no limit to the number of federated users who can be given access to the console.
6. Web identity federation allows users to create AWS-powered mobile apps that use public identity providers.
7. Using the temporary security credentials users get in the AssumeRoleWithWebidentity response, their app makes signed requests to AWS APIs.
8. In case of session time out, user is presented with a message stating that the console session has timed out and that they need to request a new session.
9. For GetFederationToken and GetSessionToken, users can specify a session limit between 15 minutes and 36 hours .
10. For AssumeRole* APIs, users can specify a session limit between 15 minutes and 12 hours.
#aws #iam #cloud #sandipdas
Add comment