IuriiO Notebook
Home
Search…
Broken Code Notebook
Cloud
AWS
Resources
Compute
Storage & Data Management
Security & Compliance
IAM
Web Identity Federation
Organizations
Service Catalog
Tags and Resource Groups
STS
KMS
GuardDuty
Compliance
Marketplace Security Products
DDOS
Compliance Frameworks
High Availability
Monitoring & Reporting
Networking
Deployment & Provisioning
Automation & Optimization
Application Services
Serverless
Well-Architected Framework
Containers & Services
Docker
Kubernetes
Frontend
Resources
Design
Architecture and Design
Stuff
Japanese
Powered By GitBook
STS
Security Token Service
  • Grants users limited and temporary access to AWS resources. Users can come from these sources:
    • Federation (typically Active Directory)
      • Uses Security Assertion Markup Language (SAML)
      • Grants temporary access based off the user Active Directory credentials
      • Does not need to be a user in IAM
      • Single sign on allows users to login to AWS console without assigning IAM credentials
    • Federation with mobile apps
      • Use Facebook / Google / Amazon or other OpenID providers to login.
    • Cross account access
      • Let's users from one AWS account access resources in another AWS account
Previous
Tags and Resource Groups
Next
KMS
Last modified 2yr ago
Copy link