Follow these best practices for using AWS Identity and Access Management (IAM) to help secure your AWS account and resources.| docs.aws.amazon.com
August 1, 2025: This post was updated to clarify the security boundaries between containers and instances. July 9, 2025: This post was updated to clarify security boundaries in Amazon ECS. January 11, 2024: We’ve updated this post to include information about Amazon GuardDuty Runtime Monitoring for Amazon ECS clusters. If you’re looking to further enhance […]| Amazon Web Services
Learn about user identities and federation in AWS Identity and Access Management (IAM).| docs.aws.amazon.com
Learn how to scale Terraform on AWS using Atlantis. Explore best practices for workflows, IAM, state management, drift detection, and CI/CD| ControlMonkey
Parameters| min.io
Before you use IAM to manage access to Amazon S3, learn what IAM features are available to use with Amazon S3. Identity-based policies: Yes; Resource-based policies: Yes; Policy actions: Yes; Policy resources: Yes; Policy condition keys (service-specific)| docs.aws.amazon.com
How to authenticate requests and manage access to your Amazon S3 resources.| docs.aws.amazon.com
Learn the basic terms and concepts of AWS Organizations.| docs.aws.amazon.com
Learn how to use OpenID Connect to establish a trust relationship between AWS & a Kubernetes cluster to grant pods access to AWS services.| developer-friendly.blog
Use grants to allow access to AWS KMS keys in AWS Key Management Service (AWS KMS).| docs.aws.amazon.com
Describes the Principal element of the AWS JSON policy language.| docs.aws.amazon.com
July 27, 2021: We’ve updated the link to the 2019 re:Invent session on this topic. Since it first launched over 10 years ago, the Amazon EC2 Instance Metadata Service (IMDS) has helped customers build secure and scalable applications. The IMDS solved a big security headache for cloud users by providing access to temporary, frequently rotated […]| Amazon Web Services
Create identity providers, which are entities in IAM to describe trust between a SAML 2.0 or OpenID Connect (OIDC) identity provider and AWS.| docs.aws.amazon.com
Learn what Amazon SageMaker AI execution roles are and how to use them.| docs.aws.amazon.com
Describes resource names (friendly names, identifiers, unique IDs, paths, and ARNs) for AWS Identity and Access Management (IAM) resources such as users, IAM groups, roles, policies, and certificates.| docs.aws.amazon.com
Learn how and when to use IAM roles.| docs.aws.amazon.com
Describes each of the AWS global condition keys available to use in IAM policies.| docs.aws.amazon.com
An introduction to the Instance Metadata Service and how to access it.| hackingthe.cloud
Recently I decided to sit down and further lock down my personal AWS account. I haven’t used it for much other than S3 storage of macOS installers and in turn had not configured things as securely as I would have liked. The following post walks you through how to lock down an AWS account that is used by a single user. A lot of the recommendations apply just as much to an account with multiple users as well.| Scott Knight
This page describes Spacelift's native integration with AWS, which allows users to generate short-lived credentials for runs and tasks orchestrated by Spacelift.| docs.spacelift.io
There can be times when you're working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example: A contractor or a specialist needs to perform some work on your behalf. You're having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account. You're conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something. In each of these cases you likely want to grant the per...| packetmischief.ca