AWS STS now supports validation of select identity provider specific claims from Google, GitHub, CircleCI and OCI

AWS Security Token Service (STS) now supports validation of select identity provider specific claims from Google, GitHub, CircleCI and Oracle Cloud Infrastructure in IAM role trust policies and resource control policies for OpenID Connect (OIDC) federation into AWS via the AssumeRoleWithWebIdentity API.

With this new capability, you can reference these custom claims as condition keys in IAM role trust policies and resource control policies, expanding your ability to implement fine-grained access control for federated identities and helping you establish your data perimeters. This enhancement builds upon IAM’s existing OIDC federation capabilities, which allow you to grant temporary AWS credentials to users authenticated through external OIDC-compatible identity providers.

Source: Amazon Web Services


