I actually enjoyed the music and I definitely enjoy the visuals. Answer to your question is: Set up an temp IAM role and give permissions in what is needing done only, with some sort of trust policy.
Thanks for the video. Great explanation. So, If I want to give temporary access to someone, I create user account for him(if not existed already) and assign him a role. Once he's done, I'd unassign the role and even delete the user. Am I right? But why not create the user and add policies to give him access and once he is done, remove policies?
Really depends on what you mean by temporary... a couple hours vs a few months is diifferent. For a few months... Make a user and attach a policy :) Then delete the user.
Good job! one thing though I couldn't get 1 Role to be assumed by multiple users. I tried to add principal (user ARN) in the Trust Policy but I keep getting error. Can I add another user ARN to this { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::111111111111:user/John" }, "Action": "sts:AssumeRole" } ] } Thank you.
Yes, exactly, Roles are only for AWS internal resources🚀 Depending on how you set up your api you will only need an access key. If you are talking about external users (not developers but users of the app)... Normally you would use something like cognito to handle auth for external users. You make a cognito user pool and connect it to the sign up form on your app. Then you give users within the pool access to the api. This article explains it in depth. medium.com/swlh/how-to-protect-apis-using-amazon-cognito-user-pool-723c471a3468. I wouldn't actually follow this article, it's just for getting an idea of what's going on behind the hood. Amplify makes auth much simpler aws.amazon.com/amplify/authentication/ Hope this helps😛
informative video but background music is annoying and disctracting
I actually enjoyed the music and I definitely enjoy the visuals.
Answer to your question is:
Set up an temp IAM role and give permissions in what is needing done only, with some sort of trust policy.
I think you remove background music as it’s very distracting
You're not the only person to say this... and all my new videos now have lower bg music.
I hope you enjoy the new ones :)
Great explanation! Thank you!!!
Glad it was helpful!
Perfect explanation, thank you!!
short and simple. very informative. Thanks
Thanks for the video. Great explanation.
So, If I want to give temporary access to someone, I create user account for him(if not existed already) and assign him a role. Once he's done, I'd unassign the role and even delete the user. Am I right?
But why not create the user and add policies to give him access and once he is done, remove policies?
Really depends on what you mean by temporary... a couple hours vs a few months is diifferent.
For a few months... Make a user and attach a policy :) Then delete the user.
@@dylanalbertazzi Thanks!
same my question , that's great.
great question.
so understanding!!!
great explanation, but background music seems to be too loud
Thank you so much my fellow Dylan!
You are so welcome!
Bruh such a good explanation thanks. Music is too loud though but great explanation.
Great explanation.. Ty!
Good job! one thing though I couldn't get 1 Role to be assumed by multiple users. I tried to add principal (user ARN) in the Trust Policy but I keep getting error. Can I add another user ARN to this {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::111111111111:user/John"
},
"Action": "sts:AssumeRole"
}
]
}
Thank you.
Roles are only for AWS internal resources, right? For external applications making AWS api calls, they still need a user, and an access key, correct?
Yes, exactly, Roles are only for AWS internal resources🚀
Depending on how you set up your api you will only need an access key.
If you are talking about external users (not developers but users of the app)...
Normally you would use something like cognito to handle auth for external users. You make a cognito user pool and connect it to the sign up form on your app. Then you give users within the pool access to the api.
This article explains it in depth. medium.com/swlh/how-to-protect-apis-using-amazon-cognito-user-pool-723c471a3468.
I wouldn't actually follow this article, it's just for getting an idea of what's going on behind the hood. Amplify makes auth much simpler aws.amazon.com/amplify/authentication/
Hope this helps😛
omg that music what was he thinking
Your explanations are great! But the way you move your hands around while talking is quite confusing and exaggerated, and the music is too loud.
the background music is louder than your voice.
Useful video, but please don't annoy your viewers with music. If I want to listen to music I wouldn't be searching for AWS and IAM.
Background music is distracting
Nice except for the background music
Can't hear what you have been saying. Loud music. Quitting...
too noisy music
Please remove that music. You are ruining a great video.
I've received that feedback a handful of times and have stopped using it in future vids.
ugh the music is so obnoxious i couldn't watch this
Lmao simple? Aws iam is an absolute disaster
Thanks for the wonderfull explanation!!