Thanks for the video. Great explanation. So, If I want to give temporary access to someone, I create user account for him(if not existed already) and assign him a role. Once he's done, I'd unassign the role and even delete the user. Am I right? But why not create the user and add policies to give him access and once he is done, remove policies?
Really depends on what you mean by temporary... a couple hours vs a few months is diifferent. For a few months... Make a user and attach a policy :) Then delete the user.
I actually enjoyed the music and I definitely enjoy the visuals. Answer to your question is: Set up an temp IAM role and give permissions in what is needing done only, with some sort of trust policy.
Good job! one thing though I couldn't get 1 Role to be assumed by multiple users. I tried to add principal (user ARN) in the Trust Policy but I keep getting error. Can I add another user ARN to this { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::111111111111:user/John" }, "Action": "sts:AssumeRole" } ] } Thank you.
Yes, exactly, Roles are only for AWS internal resources🚀 Depending on how you set up your api you will only need an access key. If you are talking about external users (not developers but users of the app)... Normally you would use something like cognito to handle auth for external users. You make a cognito user pool and connect it to the sign up form on your app. Then you give users within the pool access to the api. This article explains it in depth. medium.com/swlh/how-to-protect-apis-using-amazon-cognito-user-pool-723c471a3468. I wouldn't actually follow this article, it's just for getting an idea of what's going on behind the hood. Amplify makes auth much simpler aws.amazon.com/amplify/authentication/ Hope this helps😛
what's wrong with that? I was about to fall asleep studying AWS for about a month now and still having difficulties trying to understand IAM..then search for videos for explanation, found this, and boom suddenly wide awake! the musics good!
informative video but background music is annoying and disctracting
music is COMPLETE disaster - why so many RUclipsrs trying to be DJs? Cannot tell if this is good info or not......
I think you remove background music as it’s very distracting
You're not the only person to say this... and all my new videos now have lower bg music.
I hope you enjoy the new ones :)
Thanks for the video. Great explanation.
So, If I want to give temporary access to someone, I create user account for him(if not existed already) and assign him a role. Once he's done, I'd unassign the role and even delete the user. Am I right?
But why not create the user and add policies to give him access and once he is done, remove policies?
Really depends on what you mean by temporary... a couple hours vs a few months is diifferent.
For a few months... Make a user and attach a policy :) Then delete the user.
@@dylanalbertazzi Thanks!
same my question , that's great.
great question.
I actually enjoyed the music and I definitely enjoy the visuals.
Answer to your question is:
Set up an temp IAM role and give permissions in what is needing done only, with some sort of trust policy.
Great explanation! Thank you!!!
Glad it was helpful!
Perfect explanation, thank you!!
Good job! one thing though I couldn't get 1 Role to be assumed by multiple users. I tried to add principal (user ARN) in the Trust Policy but I keep getting error. Can I add another user ARN to this {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111111111111:user/John"
},
"Action": "sts:AssumeRole"
}
]
}
Thank you.
short and simple. very informative. Thanks
great explanation, but background music seems to be too loud
Thank you so much my fellow Dylan!
You are so welcome!
Bruh such a good explanation thanks. Music is too loud though but great explanation.
Thanks a lot!
Roles are only for AWS internal resources, right? For external applications making AWS api calls, they still need a user, and an access key, correct?
Yes, exactly, Roles are only for AWS internal resources🚀
Depending on how you set up your api you will only need an access key.
If you are talking about external users (not developers but users of the app)...
Normally you would use something like cognito to handle auth for external users. You make a cognito user pool and connect it to the sign up form on your app. Then you give users within the pool access to the api.
This article explains it in depth. medium.com/swlh/how-to-protect-apis-using-amazon-cognito-user-pool-723c471a3468.
I wouldn't actually follow this article, it's just for getting an idea of what's going on behind the hood. Amplify makes auth much simpler aws.amazon.com/amplify/authentication/
Hope this helps😛
Background music is distracting
Can't hear what you have been saying. Loud music. Quitting...
so understanding!!!
Great explanation.. Ty!
the background music is louder than your voice.
too noisy music
omg that music what was he thinking
what's wrong with that? I was about to fall asleep studying AWS for about a month now and still having difficulties trying to understand IAM..then search for videos for explanation, found this, and boom suddenly wide awake! the musics good!
ugh the music is so obnoxious i couldn't watch this
Good work otherwise damaged by very distracting background music, I couldn't even finish watching
Your explanations are great! But the way you move your hands around while talking is quite confusing and exaggerated, and the music is too loud.
Useful video, but please don't annoy your viewers with music. If I want to listen to music I wouldn't be searching for AWS and IAM.
Nice except for the background music
Your voice too low pls dont put music in
Please remove that music. You are ruining a great video.
I've received that feedback a handful of times and have stopped using it in future vids.
Lmao simple? Aws iam is an absolute disaster
Thanks for the wonderfull explanation!!