|
|
|
|
|
|
by liquidexil
1760 days ago
|
|
|
I feel like this doesn't consider the massive upside to IAM roles as identities. Once a user is a top-level concept, there will be things that only users can do. When everything is a role, an action can be taken by a user or an autonomous system in the exact same way. I don't think this was an accident. Internally, Amazon traditionally had very different methods for authenticating and authorizing users versus systems, and it was a massive pain. Switching to IAM roles relieved some massive pain-points. |
|
|