You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -908,7 +908,7 @@ We are so thankful for every contribution, which makes sure we can deliver top-n
908
908
-[x] Allow the EC2 IAM role the permission to assume the AccessPII role.
909
909
-[ ] Allow the EC2 IAM role the permission to access the PII table.
910
910
-[ ] Include the AWS API in the application code logic to obtain temporary credentials from the EC2 IAM role to access the PII table.
911
-
-[x] Include the AssumeRole API operation in the application code logic to obtain temporary credentials to access the PII table.
911
+
-[x] Include the `AssumeRole` API operation in the application code logic to obtain temporary credentials to access the PII table.
912
912
-[ ] Include the GetSessionToken API operation in the application code logic to obtain temporary credentials to access the PII table.
913
913
914
914
**[⬆ Back to Top](#table-of-contents)**
@@ -1301,7 +1301,7 @@ We are so thankful for every contribution, which makes sure we can deliver top-n
1301
1301
1302
1302
-[ ] Use the Amazon Cognito user pools to get short-lived credentials for the second account.
1303
1303
-[ ] Create a dedicated IAM access key for the second account, and send it by mail.
1304
-
-[x] Create a cross-account access role, and use sts:AssumeRole API to get short-lived credentials.
1304
+
-[x] Create a cross-account access role, and use `sts:AssumeRole` API to get short-lived credentials.
1305
1305
-[ ] Establish trust, and add an SSH key for the second account to the IAM user.
1306
1306
1307
1307
**[⬆ Back to Top](#table-of-contents)**
@@ -1618,7 +1618,7 @@ We are so thankful for every contribution, which makes sure we can deliver top-n
1618
1618
-[ ] Use S3 bucket policies to restrict read access to specific IAM users.
1619
1619
-[x] Use Amazon Cognito to provide access using authenticated and unauthenticated roles.
1620
1620
-[ ] Create a new IAM user for each user and grant read access.
1621
-
-[x] Use the AWS IAM service and let the application assume the different roles using the AWS Security Token Service (AWS STS) AssumeRole action depending on the type of user and provide read access to Amazon S3 using the assumed role.
1621
+
-[x] Use the AWS IAM service and let the application assume the different roles using the AWS Security Token Service (AWS STS) `AssumeRole` action depending on the type of user and provide read access to Amazon S3 using the assumed role.
1622
1622
1623
1623
**[⬆ Back to Top](#table-of-contents)**
1624
1624
@@ -3332,8 +3332,8 @@ We are so thankful for every contribution, which makes sure we can deliver top-n
3332
3332
3333
3333
-[x] Use Amazon Cognito with web identity federation.
3334
3334
-[ ] Use Amazon Cognito with SAML-based identity federation.
3335
-
-[ ] Use AWS IAM Access/Secret keys in the application code to allow Get* on the S3 bucket.
3336
-
-[ ] Use AWS STS AssumeRole in the application code and assume a role with Get* permissions on the S3 bucket.
3335
+
-[ ] Use AWS IAM Access/Secret keys in the application code to allow `Get*` on the S3 bucket.
3336
+
-[ ] Use AWS STS `AssumeRole` in the application code and assume a role with `Get*` permissions on the S3 bucket.
0 commit comments