- Le plus récent
- Le plus de votes
- La plupart des commentaires
This is a big topic and one that is difficult to fully address in one answer.
Using lots of roles isn't a good approach. You should not create individual roles. As the name indicates, a role represents a function, think of a role as "Finance User", or "IT User" - you would not make a role for each person in IT - that does not scale.
The concept of a role is analogous to a job function.
A role can have one more permission policies associated with it - and policies can be used in more than one role.
We would discourage the use of IAM Users - in preference to temporary credentials. In practice this is sometimes not easy to do. What would make more sense would be to use SSO from the AWS Identity Center - and use an IDP you probably already have in your company (Active Directory etc...) to authenticate to the console, and other AWS resource.
https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-ad.html
Contenus pertinents
- demandé il y a 7 mois
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 4 mois
- AWS OFFICIELA mis à jour il y a 3 ans