...
- We are trusting users to protect the credentials we have given them. (This is the same as trusting someone to protect their Sage username and password.)
- This has not saved us any work for the download use case if we still need to proxy requests from Web clients.
- This may be confusing for users. They will likely have their own AWS credentials plus separate credentials for each data set to which we have granted them access.
- This is currently limited to 15,000 users. We may be able to ask Deepak to raise that limit for us. The limit will be raised within a year as AWS rolls out expanded support for federated access to AWS resources.
...
- A comparison of Bucket Policies, ACLs, and IAM
- More details on limits
- Following are the default maximums for your entities:
- Groups per AWS Account: 100
- Users per AWS Account: 5000
- Number of groups per User: 10 (that is, the User can be in this many groups)
- Access keys per User: 2
- Signing certificates per User: 2
- MFA devices per User: 1
- Server certificates per AWS Account: 10
- You can request to increase the maximum number of Users or groups for your AWS Account.
S3 ACL
This is the older mechanism from AWS for access control. It control object level, not bucket level, access.
...
The Pacific Northwest Gigapop is the point of presence for the Internet2/Abilene network in the Pacific Northwest. The PNWGP is connected to the Abilene backbone via a 10 GbE link. In turn, the Abilene Seattle node is connected via OC-192 192 links to both Sunnyvale, California and Denver, Colorado.
PNWPG offers two types of Internet2/Abilene interconnects: Internet2/Abilene transit services and Internet2/Abilene peering at Pacific Wave International Peering Exchange. See Participant Services for more information.
...