
AWS IAM

IAM = Identity and Access Management
Securely control who (users, services, external identities) can access which AWS services and resources
Create and manage users, groups, roles and the policies attached to them

IAM is a global service: it is not tied to a region, and its users, groups, roles and policies apply across all regions
An access key ID and secret access key are used together for programmatic access (CLI, SDK, API); they cannot be used to sign in to the console, and the secret is shown only once at creation

IAM roles grant permissions to identities you trust (IAM users, AWS services, or external identities); the role's trust policy says who may assume it, and whoever assumes it receives temporary credentials rather than long-term keys

Security Token Service (STS)
Issues temporary, limited-privilege credentials (access key ID, secret access key, session token, expiry) for access to AWS resources
Enterprise federation: users authenticate against a corporate directory such as Active Directory, via SAML 2.0 or a custom identity broker
Web identity federation: mobile and web apps whose end users sign in with a provider such as Facebook, Google or Amazon
Federation means linking an external identity store to AWS so its users get AWS access without needing an IAM user each
Identity broker: a service you write that joins the two sides, authenticating against the identity store and then calling STS
Identity store example: Active Directory (reached over LDAP)
Identities are the end users of the external service, e.g. Facebook users, not IAM users

  1. Develop an identity broker that can talk to both LDAP and AWS STS
  2. The identity broker always authenticates the user against LDAP first; only on success does it call AWS STS (e.g. AssumeRole or GetFederationToken) to obtain temporary credentials
  3. The application receives those temporary credentials and uses them to access AWS resources until they expire
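The identity-broker flow above, and the role trust policy mentioned under IAM roles, as an added worked example that is not part of the original notes. The account ID, role ARNs, group names, bucket name and passwords are hypothetical; the in-memory directory with salted PBKDF2 hashes stands in for LDAP / Active Directory; and the STS client is injected so the same broker would work with boto3's sts.assume_role() (whose keyword arguments it mirrors) or with the offline fake constructed here.

```python
import hashlib
import hmac
import json
import secrets
from datetime import datetime, timedelta, timezone

# Hypothetical target role. Its trust policy allows only the broker's own
# principal in the same (hypothetical) account to call sts:AssumeRole on it.
BROKER_ROLE_ARN = "arn:aws:iam::111122223333:role/FederatedReadOnly"
TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/IdentityBroker"},
        "Action": "sts:AssumeRole",
    }],
}

# Directory group -> session policy. A session policy can only narrow the
# permissions already granted to the role; it never adds any.
GROUP_SESSION_POLICIES = {
    "s3-readers": {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": ["s3:GetObject", "s3:ListBucket"],
            "Resource": ["arn:aws:s3:::example-bucket",
                         "arn:aws:s3:::example-bucket/*"],
        }],
    },
}


def _hash_password(password, salt, iterations=100_000):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


# Constructed stand-in for the LDAP directory (a real broker would bind to AD).
_SALT = b"constructed-static-salt"
DIRECTORY = {
    "alice": {"pw": _hash_password("correct horse", _SALT), "groups": ["s3-readers"]},
    "bob":   {"pw": _hash_password("hunter2", _SALT), "groups": ["no-aws-access"]},
}


class AuthenticationError(Exception):
    pass


class AuthorizationError(Exception):
    pass


def authenticate_ldap(username, password):
    """Step 2, first half: verify the user against the directory.
    Always hashes the candidate so timing does not reveal whether the user exists,
    and compares in constant time."""
    entry = DIRECTORY.get(username)
    candidate = _hash_password(password, _SALT)
    if entry is None or not hmac.compare_digest(candidate, entry["pw"]):
        raise AuthenticationError("invalid username or password")
    return entry["groups"]


class FakeSTS:
    """Offline stand-in for boto3's STS client, constructed for this example.
    Records each call and returns credentials shaped like a real AssumeRole response."""
    def __init__(self):
        self.calls = []

    def assume_role(self, RoleArn, RoleSessionName, DurationSeconds, Policy):
        self.calls.append({"RoleArn": RoleArn, "RoleSessionName": RoleSessionName,
                           "DurationSeconds": DurationSeconds, "Policy": Policy})
        expiry = datetime.now(timezone.utc) + timedelta(seconds=DurationSeconds)
        return {"Credentials": {
            "AccessKeyId": "ASIA" + secrets.token_hex(8).upper(),  # temporary keys start with ASIA
            "SecretAccessKey": secrets.token_urlsafe(30),
            "SessionToken": secrets.token_urlsafe(60),
            "Expiration": expiry,
        }}


def broker_credentials(username, password, sts, duration_seconds=900):
    """Steps 1-3: LDAP first, then STS, then hand temporary credentials to the app.
    STS is never contacted for a user who failed LDAP or has no AWS-enabled group."""
    groups = authenticate_ldap(username, password)
    policies = [GROUP_SESSION_POLICIES[g] for g in groups if g in GROUP_SESSION_POLICIES]
    if not policies:
        raise AuthorizationError(f"{username} is not in any AWS-enabled group")
    response = sts.assume_role(
        RoleArn=BROKER_ROLE_ARN,
        RoleSessionName=f"ldap-{username}",   # appears in CloudTrail, ties actions to the user
        DurationSeconds=duration_seconds,    # 900 s is the AssumeRole minimum; keep sessions short
        Policy=json.dumps(policies[0]),      # scope this session down to the group's needs
    )
    return response["Credentials"]


if __name__ == "__main__":
    creds = broker_credentials("alice", "correct horse", FakeSTS())
    print("temporary key", creds["AccessKeyId"], "expires", creds["Expiration"])
```

With real AWS, replace FakeSTS() with boto3.client("sts") credentialed as the broker principal named in TRUST_POLICY; the rest of the flow is unchanged. The ordering matters for security: a broker that called STS before validating the directory login would be minting AWS credentials for unauthenticated callers.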