by yandie 1955 days ago
ex-AWS here. IAM is definitely a service! It's super powerful underneath the hood.

However, as a caller, you need multiple levels of caching underneath the hood (all built by the IAM team). That's part of the reason why you can't use IAM as an external service.

IAM is also eventually consistent - that's why, if you modify the policy doc, it takes seconds to be reflected in your service calls :) (sometimes even minutes). IAM outages can and will take down multiple AWS services.

> If so how would they be evaluated consistently across different languages?

Internally everything is JVM AFAIK :). If you go out of the JVM world in AWS you'll have to deal with this problem yourself, which can be painful.

1 comments

Thanks! That’s super interesting. There’s something really cool about building something as flexible and (presumably) fast as IAM.

The caching layer must also be quite complex! But thanks for settling this for me.