Security Token Service (STS) creates temporary security credentials – short time use (A few minutes to several hours).
- STS API calls return a credential, which has 3 components
- Security Token
- Access Key ID
- Secrete Access Key
- Types of Tokens
- There is no need to pass or save credentials in an application or an instance.
- Use Cases
- Identity Federation (SAML – Security Assertion Markup Language, Web Identity Federation)
- Roles for Cross Account Access
- Roles for EC2 instances