I just stumbled upon this list of AWS Service Principals on GitHub. Principals identify an entity within AWS Identity and Access Management (IAM) such as a certain user or role, another AWS account for cross-account access, or another AWS service. Service principals are domain-like identifiers for AWS services, such as s3.amazonaws.com for AWS S3 or events.amazonaws.com for AWS EventBridge.
We need these service principals when defining IAM roles because they grant the specified service access to that specific role. In AWS terms, this means the service identified by the service principal can assume this IAM role. In addition, AWS Lambda uses resource-based policies to grant usage permission to specific entities on a per-resource basis. These entities are also identified as principals.
I embedded this Gist directly in this post, but I would recommend to head over to GitHub to star it directly.
Top comments (0)