{"id":660757,"date":"2013-05-29T08:29:30","date_gmt":"2013-05-29T12:29:30","guid":{"rendered":"http:\/\/gigaom.com\/?p=649983"},"modified":"2013-05-29T08:29:30","modified_gmt":"2013-05-29T12:29:30","slug":"amazon-spreads-net-wider-by-federating-facebook-and-google-and-aws-identities","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/660757","title":{"rendered":"Amazon spreads net wider by federating Facebook and Google (and AWS) identities"},"content":{"rendered":"

Good news for developers who use Amazon Web Services and want to make those apps available to millions of Facebook and Google users: Amazon Web Services Identity Access Management (IAM) can now “federate” Google and Facebook user identities.\u00a0Oh, and it also supports AWS new Login With Amazon <\/a>feature which promises that companies can “securely connect your websites and apps with millions of Amazon.com customers.”<\/p>\n

\"awslogojpeg\"<\/a>Amazon announced identity federation for enterprise users<\/a> two years ago. That\u00a0let businesses grant their own employees access to AWS resources based on the users’ current corporate identity management systems. But this new federation capability spreads the net wider. \u00a0This federation will let developers authenticate a user with her existing Amazon, Google or Facebook credentials, which then give her access to specific AWS resources using her existing IAM roles.<\/p>\n

In his\u00a0AWS blog post<\/a>\u00a0announcing the news, Jeff Wierer, IAM principal product manager, explained a basic use case:<\/p>\n

\n

“Imagine you\u2019re developing a mobile app that uses the new Login with Amazon service for authentication, and part of the app\u2019s functionality allows end users to upload an image file as their personal avatar. Behind the scenes, you want to store those images as objects in one of your S3 buckets. To enable this, you need to configure a role that is used to delegate access to users of your app. Roles are configured in two parts:<\/p>\n

    \n
  1. A trust policy that specifies a trusted entity (principal)\u2014that is, who can assume the role. In this case, the trusted entity is any authenticated Amazon.com user.<\/li>\n
  2. An access policy with permissions that specify what the user can do.”<\/li>\n<\/ol>\n<\/blockquote>\n

    With services like this one, Amazon continues to push its cloud services as the platform of choice for developers at startups and big companies alike as more public competitors come online.<\/p>\n

    Photo courtesy of <\/a>Flickr user\u00a0jaaro<\/a><\/em><\/p>\n

    \"\"<\/p>\n

    <\/a><\/p>\n

    Related research and analysis from GigaOM Pro:<\/strong>
    Subscriber content.     Sign up for a free trial<\/a>.<\/p>\n