Security Token Service (STS) creates temporary security credentials for short-term use (a few minutes to several hours).
Identity and Access Management (IAM) provides centralized management of your AWS account. It controls who can access what in your AWS services. Access control is done via policies that can be attached to users, groups, and roles.
- IAM is a global service that is not tied to a region.
- Users and policies can be used globally.
- Users are given long-term credentials to access AWS resources (username/password or access keys).
- Roles allow for short-term access to resources when assumed, using temporary access credentials.
- IAM can work with identity federation, such as Active Directory or Web Identity Federation (Facebook, Google, etc.).
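The split between long-term user credentials and temporary role credentials is visible in the access key itself: AWS issues long-term access key IDs with the prefix `AKIA` and STS-issued temporary ones with `ASIA`, and the latter are only valid together with a session token. The following added example (not from the original notes) audits a shared-credentials file on that basis; the sample file content and the function name `classify_profiles` are constructed for illustration.

```python
import configparser

# Constructed sample in the ~/.aws/credentials INI format.
# All key values are placeholders, not real credentials.
SAMPLE_CREDENTIALS = """
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

[ci-role]
aws_access_key_id = ASIAEXAMPLEEXAMPLE00
aws_secret_access_key = constructedSecretValue
aws_session_token = constructedSessionTokenValue

[broken]
aws_access_key_id = ASIAEXAMPLEEXAMPLE01
aws_secret_access_key = constructedSecretValue
"""


def classify_profiles(text):
    """Return {profile: verdict} for each profile in a credentials file."""
    # Disable interpolation so '%' inside a secret is not treated as syntax.
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    verdicts = {}
    for profile in parser.sections():
        section = parser[profile]
        key_id = section.get("aws_access_key_id", "").strip()
        has_token = bool(section.get("aws_session_token", "").strip())
        if key_id.startswith("AKIA"):
            # IAM user key: stays valid until rotated or deleted.
            verdicts[profile] = "long-term"
        elif key_id.startswith("ASIA"):
            # STS key: expires on its own, unusable without its session token.
            verdicts[profile] = (
                "temporary" if has_token else "temporary-missing-token"
            )
        else:
            verdicts[profile] = "unknown"
    return verdicts


if __name__ == "__main__":
    for name, verdict in classify_profiles(SAMPLE_CREDENTIALS).items():
        print(f"{name}: {verdict}")
```

Profiles reported as `long-term` are the ones to review for rotation or replacement with an assumed role.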