Advanced identity Flashcards
What is AWS STS (Security Token Service)
Enables you to create temporary, limited-privilege credentials to access your AWS resources
Short-term credentials: you configure the expiration period
What are use cases for STS (Security Token Service)
Identity federation - manage user identities in external systems
IAM Roles for cross/same account access
IAM Roles for Amazon EC2: provide temporary credentials for EC2 instance to access AWS resources
What is AWS Cognito
Identity for your web and mobile app users
Instead of creating them an IAM user, you create a user in Cognito
What is AWS Managed Microsoft AD
Create your own AD in AWS, manage users locally; supports MFA
Establish trust connections with your on-premise AD
What is AD Connector
Directory Gateway (proxy) to redirect to on-premise AD
Users are managed on the on-premise AD
What is Simple AD
AD-compatible managed directory on AWS
Cannot be joined with on-premise AD
What is AWS Single Sign-On (SSO)
Centrally manage Single Sign-On to access multiple accounts and 3rd-party business applications
Supports SAML 2.0 markup
Integration with on-premise Active Directory
What is STS (Security Token Service)
Temporary, limited-privilege credentials to access AWS resources