AWS Federated User

From GM-RKB

An AWS Federated User is an AWS Identity Management Entity that allows individuals to access AWS resources without requiring an AWS account, by using credentials from an external identity provider.

  • Context:
    • It can (typically) be authenticated through a process known as federation, which relies on standards such as SAML 2.0 or OpenID Connect.
    • It can (often) be part of an enterprise's access management strategy, enabling the use of existing authentication systems (like corporate directories) to manage access to AWS services.
    • It can (typically) be associated with IAM roles to define the permissions the federated user has within the AWS environment.
    • It can (often) be used in scenarios where temporary access to AWS resources is required, without the need to create IAM users directly in AWS.
    • It can benefit from AWS Single Sign-On (SSO) for managing access to multiple AWS accounts and applications using a single login.
    • ...
  • Example(s):
    • ...
  • Counter-Example(s):
    • A permanent IAM user created directly in AWS.
    • A non-authenticated public user accessing publicly available AWS resources, such as websites hosted on Amazon S3.
  • See: AWS IAM User, AWS Role, Identity Provider, SAML 2.0, OpenID Connect, AWS Single Sign-On (SSO).
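
The link between a federated user and an IAM role is the role's trust policy, which names the external identity provider as a `Federated` principal. The following is an added example, not part of the original entry: it reports which providers a trust policy admits, over which protocol, and whether the audience is restricted by a condition. The function names, account ID, provider names and the `audience_pinned` check are assumptions made for illustration.

```python
# Added example: constructed policies; account ID and provider names are placeholders.
FEDERATION_ACTIONS = {
    "sts:AssumeRoleWithSAML": "SAML 2.0",
    "sts:AssumeRoleWithWebIdentity": "OpenID Connect",
}

def as_list(value):
    """IAM policy fields may hold one item or a list of items."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy):
    """Return one finding per federated provider allowed to assume the role."""
    findings = []
    for stmt in as_list(policy.get("Statement")):
        principal = stmt.get("Principal")
        if stmt.get("Effect") != "Allow" or not isinstance(principal, dict):
            continue
        # A condition key ending in ":aud" restricts the assertion/token audience.
        keys = [k for op in stmt.get("Condition", {}).values() for k in op]
        pinned = any(k.lower().endswith(":aud") for k in keys)
        for action in as_list(stmt.get("Action")):  # wildcards are not expanded
            protocol = FEDERATION_ACTIONS.get(action)
            if protocol is None:
                continue
            for arn in as_list(principal.get("Federated")):
                findings.append({"provider": arn, "protocol": protocol,
                                 "audience_pinned": pinned})
    return findings

SAML_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::111122223333:saml-provider/ExampleIdP"},
    "Action": "sts:AssumeRoleWithSAML",
    "Condition": {"StringEquals": {"SAML:aud": "https://signin.aws.amazon.com/saml"}},
}]}
OIDC_TRUST = {"Version": "2012-10-17", "Statement": {  # single statement, no Condition
    "Effect": "Allow",
    "Principal": {"Federated": "arn:aws:iam::111122223333:oidc-provider/idp.example.com"},
    "Action": ["sts:AssumeRoleWithWebIdentity"],
}}
IAM_USER_TRUST = {"Version": "2012-10-17", "Statement": [{  # the counter-example case
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:user/alice"},
    "Action": "sts:AssumeRole",
}]}

if __name__ == "__main__":
    for name, pol in [("saml", SAML_TRUST), ("oidc", OIDC_TRUST), ("user", IAM_USER_TRUST)]:
        print(name, audit_trust_policy(pol))
```

A finding with `audience_pinned` set to `False` marks a trust statement to review, since nothing in it limits which audience the assertion or token was issued for.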