- Implementing Cloud Design Patterns for AWS (Second Edition)
- Sean Keery, Clive Harber, Marcus Young
- 157 words
- 2021-06-24 15:11:56
Security Token Service
The AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for IAM users. We'll see why this is a great feature when we cover least privilege security in Chapter 4, Security - Ensuring the Integrity of Your Systems.
Speaking of least privilege, you really shouldn't be using your root user for AWS console access. Let's create a new user. Then go back and see whether you can recreate your environment with the new user.
Create a file named user.tf and add the following:
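# The new IAM user to use instead of the root user
resource "aws_iam_user" "cloudpatterns" {
  name = "loadbalancer"
}

# Group that carries the permissions
resource "aws_iam_group" "group" {
  name = "cloudpatterngroup"
}

# Put the user in the group
resource "aws_iam_group_membership" "admin" {
  name = "tf-admin-group-membership"
  users = [
    "${aws_iam_user.cloudpatterns.name}",
  ]
  group = "${aws_iam_group.group.name}"
}

# Attach the AWS managed AdministratorAccess policy to the group;
# every member of the group receives full administrative access
resource "aws_iam_group_policy_attachment" "test-attach" {
  group      = "${aws_iam_group.group.name}"
  policy_arn = "arn:aws:iam::aws:policy/AdministratorAccess"
}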
Save it, then run the following:
terraform plan
terraform apply -target=aws_iam_user.cloudpatterns
You should see your new user in the IAM console.
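The policy attachment in user.tf gives every member of cloudpatterngroup full administrative access, which is worth surfacing before a plan is applied. The following check is an added example, not code from the book: it reads the JSON form of a plan (terraform plan -out=tfplan, then terraform show -json tfplan) and reports each AdministratorAccess attachment together with the users who inherit it. SAMPLE_PLAN is constructed data mirroring user.tf, and the name find_admin_grants is hypothetical.

```python
import json

ADMIN_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"
# Attachment resource type -> attribute that names the principal
ATTACH_TYPES = {
    "aws_iam_group_policy_attachment": "group",
    "aws_iam_user_policy_attachment": "user",
    "aws_iam_role_policy_attachment": "role",
}

# Constructed sample: trimmed `terraform show -json` output for a plan of user.tf.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "aws_iam_user.cloudpatterns", "type": "aws_iam_user",
     "change": {"actions": ["create"], "after": {"name": "loadbalancer"}}},
    {"address": "aws_iam_group.group", "type": "aws_iam_group",
     "change": {"actions": ["create"], "after": {"name": "cloudpatterngroup"}}},
    {"address": "aws_iam_group_membership.admin", "type": "aws_iam_group_membership",
     "change": {"actions": ["create"],
                "after": {"group": "cloudpatterngroup", "users": ["loadbalancer"]}}},
    {"address": "aws_iam_group_policy_attachment.test-attach",
     "type": "aws_iam_group_policy_attachment",
     "change": {"actions": ["create"],
                "after": {"group": "cloudpatterngroup", "policy_arn": ADMIN_ARN}}},
]})


def find_admin_grants(plan_json):
    """Return one finding per planned AdministratorAccess attachment."""
    changes = json.loads(plan_json).get("resource_changes", [])
    # Resources being destroyed have "after": null; skip pure deletes.
    live = [(c, c["change"].get("after") or {}) for c in changes
            if c["change"]["actions"] != ["delete"]]
    # Map each group name to the users placed in it by aws_iam_group_membership.
    members = {}
    for c, after in live:
        if c["type"] == "aws_iam_group_membership":
            members.setdefault(after.get("group"), set()).update(after.get("users") or [])
    findings = []
    for c, after in live:
        kind = ATTACH_TYPES.get(c["type"])
        if kind and after.get("policy_arn") == ADMIN_ARN:
            principal = after.get(kind)
            users = members.get(principal, set()) if kind == "group" else set()
            findings.append({"resource": c["address"], "principal_type": kind,
                             "principal": principal, "users": sorted(users)})
    return findings


if __name__ == "__main__":
    for finding in find_admin_grants(SAMPLE_PLAN):
        print(finding)
```

Run against the sample, it reports the test-attach resource, the group cloudpatterngroup, and the user loadbalancer as the inherited administrator.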