I just stumbled upon this list of AWS Service Principals on GitHub. Principals identify an entity within AWS Identity and Access Management (IAM) such as a certain user or role, another AWS account for cross-account access, or another AWS service. Service principals are domain-like identifiers for AWS services, such as s3.amazonaws.com for AWS S3 or events.amazonaws.com for AWS EventBridge.
We need these service principals when defining IAM roles because naming one in a role's trust policy grants that service access to the role. In AWS terms, the service identified by the service principal can assume this IAM role. In addition, AWS Lambda uses resource-based policies to grant usage permission to specific entities on a per-resource basis. These entities are also identified as principals.
I embedded this Gist directly in this post, but I would recommend heading over to GitHub to star it directly.
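An added example (not code from this post or from the gist): a small Python audit that lists the service principals named in a role trust policy and in a Lambda resource-based policy, and reports whether each grant is narrowed with the `aws:SourceArn` or `aws:SourceAccount` condition keys. Both policy documents, the account ID `111122223333` and the function name `example-fn` are constructed samples.

```python
import json

# Condition keys that scope a service principal to a specific caller resource or account.
SCOPING_KEYS = {"aws:sourcearn", "aws:sourceaccount"}

def service_principals(statement):
    """Return the service principals named in one policy statement."""
    principal = statement.get("Principal", {})
    if not isinstance(principal, dict):   # e.g. "*" has no Service key
        return []
    services = principal.get("Service", [])
    return [services] if isinstance(services, str) else list(services)

def is_scoped(statement):
    """True if any condition operator tests aws:SourceArn or aws:SourceAccount."""
    for keys in statement.get("Condition", {}).values():
        if any(k.lower() in SCOPING_KEYS for k in keys):
            return True
    return False

def audit(policy_json):
    """List (service principal, actions, scoped?) for every Allow statement."""
    doc = json.loads(policy_json)
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):      # a single statement may be a bare object
        statements = [statements]
    findings = []
    for st in statements:
        if st.get("Effect") != "Allow":
            continue
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        for svc in service_principals(st):
            findings.append((svc, ",".join(actions), is_scoped(st)))
    return findings

# Constructed sample: trust policy of a role that EventBridge may assume.
TRUST_POLICY = '''{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Principal": {"Service": "events.amazonaws.com"}, "Action": "sts:AssumeRole"}]}'''

# Constructed sample: Lambda resource-based policy letting S3 invoke a function.
LAMBDA_POLICY = '''{"Version": "2012-10-17", "Statement": {"Effect": "Allow",
  "Principal": {"Service": ["s3.amazonaws.com"]}, "Action": "lambda:InvokeFunction",
  "Resource": "arn:aws:lambda:us-east-1:111122223333:function:example-fn",
  "Condition": {"StringEquals": {"aws:SourceAccount": "111122223333"}}}}'''

if __name__ == "__main__":
    for name, policy in (("trust", TRUST_POLICY), ("lambda", LAMBDA_POLICY)):
        for svc, action, scoped in audit(policy):
            print(f"{name}: {svc} may {action}; source-scoped={scoped}")
```

A grant reported as not source-scoped is a prompt to check whether the service supports these condition keys for that integration, not a finding on its own.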
Top comments (2)
I always come back to this list and look for the right service principal. Although it's great to have it listed in this gist, I realized it can get outdated pretty quickly with all the new AWS services being released.
So I figured I'd take it a step further and create an automatically updated reference list that scrapes both the AWS documentation and the AWS Policy Generator to keep everything current. It's currently got 452+ service principals with direct links to the docs where available, and it updates programmatically so it never gets stale.
Nice, thanks for sharing! Guess from now on, I'll come back to this comment to find your post :-)