AWS IAM Roles Anywhere gives you control over X.509 certificate attribute mapping, allowing you to define specific mapping rules to extract only the certificate data you need. This streamlines how attributes from subject, issuer, and subject alternative name (SAN) fields are used as session tags in IAM policies.
While the service previously mapped all relative distinguished names and certain SAN values by default, today you can customize which certificate attributes to include based on your business requirements. This selective mapping helps reduce complexity and size of authorization policy tags.
Learn how to simplify certificate-based access management by implementing these mapping rules through the IAM Roles Anywhere console, AWS SDKs, or AWS CLI using put-attribute-mapping and delete-attribute-mapping APIs.
Learn more at – http://go.aws/3HzvnjN
Subscribe to AWS: https://go.aws/subscribe
Sign up for AWS: https://go.aws/signup
AWS free tier: https://go.aws/free
Explore more: https://go.aws/more
Contact AWS: https://go.aws/contact
Next steps:
Explore on AWS in Analyst Research: https://go.aws/reports
Discover, deploy, and manage software that runs on AWS: https://go.aws/marketplace
Join the AWS Partner Network: https://go.aws/partners
Learn more on how Amazon builds and operates software: https://go.aws/library
Do you have technical AWS questions?
Ask the community of experts on AWS re:Post: https://go.aws/3lPaoPb
Why AWS?
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—use AWS to be more agile, lower costs, and innovate faster.
#AWS #AmazonWebServices #CloudComputing #AWSIAMRolesAnywhere #Security #Identity
