This document provides the definitions for Access Key on AWS.
Terminology |
Description |
Access key
|
The combination of an access key ID (like AKIAIOSFODNN7EXAMPLE) and a secret access key (like wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign API requests that you make to AWS. |
Access key ID
|
A unique identifier that's associated with a secret access key; the access key ID and secret access key are used together to sign programmatic AWS requests cryptographically. |
Secret Access Key |
A key that is used in conjunction with the access key ID to cryptographically sign programmatic AWS requests. Signing a request identifies the sender and prevents the request from being altered. You can generate secret access keys for your AWS account, individual IAM users, and temporary sessions. |
IAM |
A document defining permissions that apply to a user, group, or role; the permissions in turn determine what users can do in AWS. |
Policy |
A policy typically allows access to specific actions, and can optionally grant that the actions are allowed for specific resources, like EC2 instances, Amazon S3 buckets, and so on. Policies can also explicitly deny access. |
Permission |
A statement within a policy that allows or denies access to a particular resource. You can state any permission like this: "A has permission to do B to C." For example, Jane (A) has permission to read messages (B) from John's Amazon SQS queue (C). Whenever Jane sends a request to Amazon SQS to use John's queue, the service checks to see if she has permission. It further checks to see if the request satisfies the conditions John set forth. |