Resource Type: AWS > IAM > Service Specific Credential
AWS IAM Service Specific Credentials are long-term credentials that are associated with a specific AWS service and IAM user. These credentials are used to authenticate applications and services to specific AWS services like Amazon Bedrock, CodeCommit, and others. Unlike regular access keys, service specific credentials are scoped to a particular service and cannot be used to access other AWS services. They provide a more secure way to grant programmatic access to specific services without exposing full AWS account access.
Resource Context
Service Specific Credential is a part of the IAM service.
Each Service Specific Credential lives under an User.
Controls
The primary controls for AWS > IAM > Service Specific Credential are:
Quick Actions
- Delete
- Delete from AWS
- Router
- Skip alarm for Active control
- Skip alarm for Active control [90 days]
- Skip alarm for Approved control
- Skip alarm for Approved control [90 days]
Category
In Your Workspace
- Controls by Resource Type report
- Policy Settings by Resource Type report
- Resources by Resource Type report
Developers
- tmod:@turbot/aws-iam#/resource/types/serviceSpecificCredential
- tmod:@turbot/turbot#/resource/categories/iam
- turbot graphql resource --id "tmod:@turbot/aws-iam#/resource/types/serviceSpecificCredential"
Get Resource- select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/serviceSpecificCredential';
- select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-iam#/resource/types/serviceSpecificCredential"';
- select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/serviceSpecificCredential' and notification_type in ('resource_updated', 'resource_created');
Get ResourceGet Policy Settings (By Resource ID)Get Resource Notification
Resource Type URI
Category URI
GraphQL
CLI
Steampipe Query