The wind blows wherever it pleases. You hear its sound, but you cannot tell where it comes from or where it is going.
Key Pairs
Amazon EC2 instances created from a public AMI use a public/private key pair instead of a password for signing in via SSH. The public key is embedded in your instance, and you use the private key to sign in securely without a password. After you create your own AMIs, you can choose other mechanizms to log securely to your new instances.
Identity federation (IDF) is an architecture where identities of an external identity provider (IDP) are recognized. Single sign-on (SSO) is where the credentials of an external identity are used to allow access to a local system (e.g., AWS).
AWS Organizations is a service for managing multiple accounts within a single business. Rather than managing many accounts, with many isolated sets of logins and individual bills, Organizations allows consolidation.
IAM controls access to AWS services via policies that can be attached to users, groups, and roles. Users are given long-term credentials to access AWS resources (username and password or access keys).
Roles allow for short-term access to resources when assumed, using temporary access credentials.
