Difference between revisions of "AWS IAM role"
Line 13: | Line 13: | ||
* <code>[[rds-monitoring-role]]</code> | * <code>[[rds-monitoring-role]]</code> | ||
* [[AWS IAM federation]] | * [[AWS IAM federation]] | ||
− | * [[Switch role]]: <code>[[OrganizationAccountAccessRole]]</code> | + | * [[Switch role]] to [[accounts]]: <code>[[OrganizationAccountAccessRole]]</code> |
* <code>[[KarpenterNode]]</code> | * <code>[[KarpenterNode]]</code> | ||
* [[IRSA]] | * [[IRSA]] |
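Review bot: On the changed line, the new `[[accounts]]` link uses a generic, lowercase page title, while the neighbouring entries link to specific AWS pages (`[[AWS IAM federation]]`, `[[IRSA]]`). If the wiki has a more specific page for AWS accounts, link to that (or use a piped link) so that "Switch role to accounts" resolves to the intended topic. The `OrganizationAccountAccessRole` link itself is unchanged and fine.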
Revision as of 05:27, 6 September 2022
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html
Commands
aws iam list-roles
aws iam create-role
aws iam put-role-policy
aws iam get-role
aws iam create-service-linked-role
aws iam update-role
Related
- AWS service roles: https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html
- Cannot attach a Service Role Policy to a Customer Role.
- AWS Policies: AWS trust policy
- aws sts assume-role-with-saml
- aws sts assume-role
- Iam:GetRole
- rds-monitoring-role
- AWS IAM federation
- Switch role to accounts: OrganizationAccountAccessRole
- KarpenterNode
- IRSA
- AdministratorAccess
Activities
- Create a role for SAML federation https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html
- Read https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html
- Read Creating a role to delegate permissions to an IAM user: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html
See also
- AWS IAM role, AWS service roles, AWS IAM Roles Anywhere: [ list-roles | get-role | create-role | put-role-policy | create-service-linked-role | attach-role-policy | update-role | add-role-to-instance-profile ], aws ec2 describe-iam-instance-profile-associations, IAM roles for EC2 instances, AWSServiceRoleForAutoScaling
- aws iam [ create-user | create-group | get-user | list-users | list-policies | list-attached-user-policies | attach-user-policy | list-roles | get-account-summary | put-group-policy | put-role-policy | put-user-policy | create-login-profile | delete-virtual-mfa-device | list-virtual-mfa-devices | create-saml-provider | list-account-aliases | create-role | change-password | enable-mfa-device | list-instance-profiles ]
- IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock, iam:ChangePassword, aws iam, AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies, IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy, aws-iam-authenticator, IRSA, RDS Authentication, AccessDenied, AWS Authentication, AWS IAM external access analyzer