Trusted identity propagation across applications - Amazon IAM Identity Center

Trusted identity propagation across applications

Trusted identity propagation enables Amazon services to do the following:

  • Authorize access to Amazon resources based on the user’s identity context.

  • Securely share the user’s identity context with other Amazon services.

These capabilities enable user access to be more easily defined, granted, and logged.

With trusted identity propagation, a user can sign in to an application, and that application can pass the user’s identity context in requests to access data in Amazon services. Because access is managed based on the user’s identity, users don’t need to use database-local user credentials or assume an IAM role to access data.