aws

Record some knowledge of AWS

Documents

Role

  • https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_permissions-to-switch.html
    From my understand about role, every user is general people. role like some profession. When switch role, like you become police with some privilege. When you takeoff uniform, just like you switch out role, you loose these privilege.

  • IAM roles for Amazon EC2
    For EC2 instance, it’s very easy to use role without any secret token. When some group of EC2 have permission to assume to some role, when cluster scale up or scale down, all EC2 instances are same with the role permission

S3

Policy difference

multiple resources

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html

1
2
3
4
"Resource": [
"arn:aws:dynamodb:us-east-2:account-ID-without-hyphens:table/books_table",
"arn:aws:dynamodb:us-east-2:account-ID-without-hyphens:table/magazines_table"
]