AWS IAM Principal (Dictionary Entry)

Owned by David Doret (Open Measure)
Last updated: 10-31-2021
1 min read

AWS IAM Principal

Definitions

Definition 1 AWS

In AWS, a Principal is any identity belonging to one of the following classes of AWS objects:

  • Anonymous User

  • Assumed-role Session

  • AWS Account

  • AWS Account Root User

  • AWS Service

  • Federated User (using web identity or SAML federation)

  • IAM Users

  • IAM Role

Principals have the following key characteristics:

  • They may be trusted to assume IAM Roles

  • They may be granted or denied access permissions via AWS Policies

  • Their unique identifier is the AWS ARN

Related Terms

Quotes

Principal

A principal is a person or application that can make a request for an action or operation on an AWS resource. The principal is authenticated as the AWS account root user or an IAM entity to make requests to AWS. As a best practice, do not use your root user credentials for your daily work. Instead, create IAM entities (users and roles). You can also support federated users or programmatic access to allow an application to access your AWS account.

(AWS, 11/2020, p. 5)
(Online: https://docs.aws.amazon.com/IAM/latest/UserGuide/intro-structure.html#intro-structure-principal)

Bibliography

See Also

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.