1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
1
Hi, when using AWS Identity Center, programmatic access credentials become temporary. This fits more within the best practice recommendations of not having long life credentials. The AWS CLI can support integration with IAM Identity Center, https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html. A user would run the CLI login process. It will retrieve a temporary Access Key ID and Secret Access Key and use those for the session. The duration of the session can be configured within the Identity Center permission set. IAM based credentials can still be used, but the recommendation is they are limited to Service Access (as an example Automation tools or SaaS products that need access).
con risposta 2 anni fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
Thanks Jimmy. My scenario is what you are referring to in the last sentence...I need an account for Service Access, so it sounds like IAM is still the goto for that scenario. I appreciate the additional context for the CLI login process with the temp keys.