Difference between revisions of "System-user role"

From CNM Wiki
Jump to: navigation, search
Line 1: Line 1:
A [[system-user role]] (or, alternatively spelt, [[system user role]]; also known as [[user access level]]; in [[WordPress]], known as [[user group]]; in [[MediaWiki]], known as as [[user role]]; in [[AWS]], known as [[IAM role]]; hereinafter, the ''Role'') An IAM role is very similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do in AWS. However, a role does not have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. An IAM user can assume a role to temporarily take on different permissions for a specific task. A role can be assigned to a federated user who signs in by using an external identity provider instead of IAM. AWS uses details passed by the identity provider to determine which role is mapped to the federated user.
+
A [[system-user role]] (or, alternatively spelt, [[system user role]]; also known as [[user access level]] or [[system-granted identity]]; [[user role]] in [[WordPress]]; [[user group]] in [[MediaWiki]]; [[IAM role]] in [[AWS]]; hereinafter, the ''Role'') is a set of capacities often called permissions that a system grants to any user who belongs to a particular ''Role''.
 +
 
 +
 
 +
 
 +
An IAM role is very similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do in AWS. However, a role does not have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. An IAM user can assume a role to temporarily take on different permissions for a specific task. A role can be assigned to a federated user who signs in by using an external identity provider instead of IAM. AWS uses details passed by the identity provider to determine which role is mapped to the federated user.

Revision as of 22:50, 13 October 2018

A system-user role (or, alternatively spelt, system user role; also known as user access level or system-granted identity; user role in WordPress; user group in MediaWiki; IAM role in AWS; hereinafter, the Role) is a set of capacities often called permissions that a system grants to any user who belongs to a particular Role.


An IAM role is very similar to a user, in that it is an identity with permission policies that determine what the identity can and cannot do in AWS. However, a role does not have any credentials (password or access keys) associated with it. Instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. An IAM user can assume a role to temporarily take on different permissions for a specific task. A role can be assigned to a federated user who signs in by using an external identity provider instead of IAM. AWS uses details passed by the identity provider to determine which role is mapped to the federated user.