Tag: roles

When you need to grant access to your AWS resources to a third party, we recommend you do so using an IAM role with external ID. In this post, Josh Bean, a programmer writer on the AWS Identity and Access Management (IAM) team, walks you through a scenario to show you how. At times, you […]

If you use AWS CloudTrail to log API calls in your account, you can share your log files with other AWS accounts, whether you own those accounts or not. In this post, Greg Pettibone, a technical writer on the CloudTrail team, walks through some cross-account scenarios to show you how. AWS CloudTrail captures information about […]

AWS announced yesterday that Amazon Elastic MapReduce (EMR) added support for federated users. If you use Amazon EMR, you can now enable users to administer Amazon EMR clusters who are signed in to your corporate network using their corporate credentials—you no longer need to create IAM users for access to EMR. Up to now, federated […]

When you launch an Amazon EC2 instance, you can associate an AWS IAM role with the instance to give applications or CLI commands that run on the instance permissions that are defined by the role. When a role is associated with an instance, EC2 obtains temporary security credentials for the role you associated with the […]

July 26, 2017, update: We recommend that you use cross-account access by switching roles in the AWS Management Console. Also see the related documentation: Switching to a Role (AWS Management Console). Last December we described how you can delegate access to your AWS account using IAM roles. Using IAM roles, you can take advantage of […]

If you have applications running on EC2 that also access other AWS services like Amazon S3 or Amazon DynamoDB, then these applications require credentials out on the EC2 instance.  You can hard-code AWS access keys into your application, but you’re faced with the added responsibility of distributing them to the instance securely and then the […]