STS, Changing the trust policy impacts legitimate users, changing the…
STS
Trust Policy
An STS AssumeRole call originates from an identity, which could be an AWS user, an AWS service or an external web identity.
AssumeRole calls are made through the STS service. STS checks the role's trust policy and the permissions policy, then generates the temporary credentials.
Temporary credentials: Access Key ID, Secret Access Key, Session Token, Expiration.
Can be an internal identity or an external identity such as Google or Facebook.