Certified Security - Specialty


Resource access

Can I create a resource like an EC2 instance and give access to someone in our corporate LDAP (without creating that user or mapping that user to the IAM credentials in AWS)?

1 Answer

You would need to create a federation and map your LDAP groups to AWS roles. Then apply IAM policy to those roles. Your LDAP users would then have assigned AWS roles based on their LDAP group membership. aws.amazon.com/identity/federation/
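
An added example, not part of the answer above: a sketch of the group-to-role mapping, assuming the federation is SAML 2.0 (the answer says only "federation"). The account ID, provider name, group DNs and role names are constructed placeholders.

```python
import json

# Constructed placeholders (assumptions, not values from the page).
ACCOUNT_ID = "123456789012"
PROVIDER_ARN = f"arn:aws:iam::{ACCOUNT_ID}:saml-provider/CorpLDAP"
# SAML attribute AWS reads to learn which roles the user may assume.
ROLE_ATTRIBUTE = "https://aws.amazon.com/SAML/Attributes/Role"

# LDAP group DN -> IAM role name. Groups not listed here grant no AWS access.
GROUP_TO_ROLE = {
    "cn=aws-ec2-operators,ou=groups,dc=example,dc=com": "EC2Operator",
    "cn=aws-readonly,ou=groups,dc=example,dc=com": "ReadOnly",
}

def trust_policy(provider_arn=PROVIDER_ARN):
    """Trust policy for each federated role: only the SAML provider can assume it."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": provider_arn},
            "Action": "sts:AssumeRoleWithSAML",
            # Reject assertions that were not issued for the AWS sign-in endpoint.
            "Condition": {"StringEquals": {
                "SAML:aud": "https://signin.aws.amazon.com/saml"}},
        }],
    }

def role_attribute_values(member_of):
    """Role attribute values the IdP would emit for a user's LDAP groups."""
    values = set()
    for dn in member_of:
        # Simplified normalisation: trim and lowercase the DN before lookup.
        role = GROUP_TO_ROLE.get(dn.strip().lower())
        if role:  # default deny: unmapped groups add nothing
            values.add(f"arn:aws:iam::{ACCOUNT_ID}:role/{role},{PROVIDER_ARN}")
    return sorted(values)

if __name__ == "__main__":
    print(json.dumps(trust_policy(), indent=2))
    groups = ["CN=aws-ec2-operators,OU=groups,DC=example,DC=com",
              "cn=staff,ou=groups,dc=example,dc=com"]  # constructed sample user
    print(ROLE_ATTRIBUTE, role_attribute_values(groups))
```

The permissions policy attached to each role (for example, one scoped to a single EC2 instance) is what limits the LDAP user's access; the trust policy only controls who can assume the role.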
