Skip to end of banner
Go to start of banner

AWS IAM Temporary Security Credentials (Dictionary Entry)

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

AWS IAM Temporary Security Credentials

Definitions

Definition 1 AWS

A temporary on-demand business role in AWS. Once an identity is granted permission to assume a role, the identity may assume that role by demanding it. It then inherits all of the access permissions linked to it.

Related Terms

Quotes

Temporary security credentials in IAM

You can use the AWS Security Token Service (AWS STS) to create and provide trusted users with temporary security credentials that can control access to your AWS resources. Temporary security credentials work almost identically to the long-term access key credentials that your IAM users can use, with the following differences:

• Temporary security credentials are short-term, as the name implies. They can be configured to last for anywhere from a few minutes to several hours. After the credentials expire, AWS no longer recognizes them or allows any kind of access from API requests made with them.

• Temporary security credentials are not stored with the user but are generated dynamically and provided to the user when requested. When (or even before) the temporary security credentials expire, the user can request new credentials, as long as the user requesting them still has permissions to do so.

These differences lead to the following advantages for using temporary credentials:

• You do not have to distribute or embed long-term AWS security credentials with an application.

• You can provide access to your AWS resources to users without having to define an AWS identity for them. Temporary credentials are the basis for roles and identity federation.

• The temporary security credentials have a limited lifetime, so you do not have to rotate them or explicitly revoke them when they're no longer needed. After temporary security credentials expire, they cannot be reused. You can specify how long the credentials are valid, up to a maximum limit.

(AWS, 11/2020, p. 301)
(Online: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html)

Bibliography

See Also

  • No labels

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.