AWS IAM Roles Anywhere

Extend IAM roles to workloads running outside of AWS

Why AWS IAM Roles Anywhere?

You can use AWS Identity and Access Management (IAM) Roles Anywhere to obtain temporary security credentials for your on-premises, hybrid, and multicloud workloads. IAM Roles Anywhere integrates with your existing enterprise PKI so that your non-AWS workloads can use the same IAM policies and IAM roles that you use for workloads running in AWS without having to manage long-term credentials.

Benefits

You can use industry-standard X.509 certificates with your existing enterprise public key infrastructure (PKI) or AWS Private Certificate Authority.

You can use IAM Roles Anywhere to grant secure temporary access to AWS services and resources for your workloads in hybrid, on-premises, and multicloud workloads.

Decrease your reliance on long-term credentials by utilizing automatically-rotating credentials with short lifetimes provided by IAM Roles Anywhere.

Help eliminate the need for building and operating systems to store, manage, and distribute long-term credentials.

Use cases

Use IAM Roles Anywhere to enable your workloads that run on your premises (such as servers, containers, and applications) to access AWS resources with AWS temporary credentials.

Learn more

Use IAM Roles Anywhere to enable your workloads in hybrid and multicloud environments to access AWS resources with AWS temporary credentials.

Learn more

Connect your supported third-party applications such as Salesforce to securely access AWS services and resources.

Learn more about Salesforce integration