AWS IAM documentation change
Summary
Updated terminology from 'federated users' to 'SAML federated principals' and removed '(federation)' from a link text
Security assessment
The changes involve terminology standardization (users → principals) and minor link formatting. No security vulnerabilities or new security features are addressed.
Diff
diff --git a/IAM/latest/UserGuide/id_roles_providers_create_saml.md b/IAM/latest/UserGuide/id_roles_providers_create_saml.md index 2a8954cf8..8f2fae261 100644 --- a//IAM/latest/UserGuide/id_roles_providers_create_saml.md +++ b//IAM/latest/UserGuide/id_roles_providers_create_saml.md @@ -15 +15 @@ You can create and manage an IAM identity provider in the AWS Management Console -After you create a SAML provider, you must create one or more IAM roles. A role is an identity in AWS that doesn't have its own credentials (as a user does). But in this context, a role is dynamically assigned to a federated user that is authenticated by your IdP. The role permits your IdP to request temporary security credentials for access to AWS. The policies assigned to the role determine what the federated users are allowed to do in AWS. To create a role for SAML federation, see [Create a role for a third-party identity provider (federation)](./id_roles_create_for-idp.html). +After you create a SAML provider, you must create one or more IAM roles. A role is an identity in AWS that doesn't have its own credentials (as a user does). But in this context, a role is dynamically assigned to a SAML federated principal that is authenticated by your IdP. The role permits your IdP to request temporary security credentials for access to AWS. The policies assigned to the role determine what users are allowed to do in AWS. To create a role for SAML federation, see [Create a role for a third-party identity provider ](./id_roles_create_for-idp.html). @@ -17 +17 @@ After you create a SAML provider, you must create one or more IAM roles. A role -Finally, after you create the role, you complete the SAML trust by configuring your IdP with information about AWS and the roles that you want your federated users to use. This is referred to as configuring relying party trust between your IdP and AWS. To configure relying party trust, see [Configure your SAML 2.0 IdP with relying party trust and adding claims](./id_roles_providers_create_saml_relying-party.html). +Finally, after you create the role, you complete the SAML trust by configuring your IdP with information about AWS and the roles that you want your SAML federated principals to use. This is referred to as configuring relying party trust between your IdP and AWS. To configure relying party trust, see [Configure your SAML 2.0 IdP with relying party trust and adding claims](./id_roles_providers_create_saml_relying-party.html). @@ -111 +111 @@ Choose **Add tag**. Enter values for each tag key-value pair. - 9. Assign an IAM role to your identity provider. This role gives external user identities managed by your identity provider permissions to access AWS resources in your account. To learn more about creating roles for identity federation, see [Create a role for a third-party identity provider (federation)](./id_roles_create_for-idp.html). + 9. Assign an IAM role to your identity provider. This role gives external user identities managed by your identity provider permissions to access AWS resources in your account. To learn more about creating roles for identity federation, see [Create a role for a third-party identity provider ](./id_roles_create_for-idp.html).