<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>IAM roles &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/iam-roles/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Fri, 14 Feb 2025 21:18:59 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>How to restrict Amazon S3 bucket access to a specific IAM role</title>
		<link>https://noise.getoto.net/2025/02/14/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/</link>
		
		<dc:creator><![CDATA[Chris Craig]]></dc:creator>
		<pubDate>Fri, 14 Feb 2025 21:18:59 +0000</pubDate>
				<category><![CDATA[Amazon Simple Storage Service (S3)]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[Best of]]></category>
		<category><![CDATA[How-to]]></category>
		<category><![CDATA[IAM roles]]></category>
		<category><![CDATA[Identity]]></category>
		<category><![CDATA[NotPrincipal element]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Top Posts*]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=408228a67639d74e71d2c788bd65e305</guid>

					<description><![CDATA[February 14, 2025: This post was updated with the recommendation to restrict S3 bucket access to an IAM role by using the aws:PrincipalArn condition key instead of the aws:userid condition key. April 2, 2021: In the section “Granting cross-account bucket access to a specific IAM role,” we updated the second policy to fix an error. […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to use the PassRole permission with IAM roles</title>
		<link>https://noise.getoto.net/2023/11/25/how-to-use-the-passrole-permission-with-iam-roles/</link>
		
		<dc:creator><![CDATA[Liam Wadman]]></dc:creator>
		<pubDate>Fri, 24 Nov 2023 23:34:49 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM roles]]></category>
		<category><![CDATA[privilege escalation]]></category>
		<category><![CDATA[roles]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=43434fa1c593adce5183fb73995257f0</guid>

					<description><![CDATA[iam:PassRole is an AWS Identity and Access Management (IAM) permission that allows an IAM principal to delegate or pass permissions to an AWS service by configuring a resource such as an Amazon Elastic Compute Cloud (Amazon EC2) instance or AWS Lambda function with an IAM role. The service then uses that role to interact with […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Refine permissions for externally accessible roles using IAM Access Analyzer and IAM action last accessed</title>
		<link>https://noise.getoto.net/2023/11/01/refine-permissions-for-externally-accessible-roles-using-iam-access-analyzer-and-iam-action-last-accessed/</link>
		
		<dc:creator><![CDATA[Nini Ren]]></dc:creator>
		<pubDate>Wed, 01 Nov 2023 18:51:27 +0000</pubDate>
				<category><![CDATA[Access management]]></category>
		<category><![CDATA[Amazon DynamoDB]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM Access Analyzer]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM roles]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[policies]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=4185671b8c05efc692a62d9e54459559</guid>

					<description><![CDATA[When you build on Amazon Web Services (AWS) across accounts, you might use an AWS Identity and Access Management (IAM) role to allow an authenticated identity from outside your account—such as an IAM entity or a user from an external identity provider—to access the resources in your account. IAM roles have two types of policies […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 35/114 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-05 18:04:17 by W3 Total Cache
-->