Security Token Service

Solution Architect Associate

Developer Associate

Security Specialty

  • Grants users limited and temporary access to AWS resources.
  • Users can come from three sources:
    • Federation (typically Active Directory)
      • Uses SAML
      • Grants temporary access based on the user's AD credentials.
      • The user does not need to be an IAM user.
      • Allows sign-in to the AWS console without assigning IAM credentials.
      • Tokens from Federation can be valid for between 1 and 36 hours.