What is AWS ARN?
What is AWS ARN?
Amazon Resource Names (ARNs) particularly identify AWS resources. We require an ARN when you have to indicate a resource unambiguously over all of AWS, for example, in IAM strategies, Amazon Relational Database Service (Amazon RDS) labels, and API calls.
Format
The following are the general formats for ARNs. The particular formats rely upon the resource. To use an ARN, supplant the italicized text with the resource-explicit information. Know that the ARNs for certain resources preclude the Region, the account ID, or both the Region and the account ID.
Partition
The partition wherein the resource is found. A partition is a gathering of AWS Regions. Each AWS account is perused to one partition. The following are the bolstered partitions:
AWS - AWS Regions
AWS-cn - AWS China Regions
AWS-us-gov - AWS GovCloud (US) Regions
service
The service namespace that identifies the AWS item. For instance, s3 for Amazon S3 resources.
region
The Region. For instance, us-east-2 for US East (Ohio).
account-id
The ID of the AWS account that possesses the resource, without the hyphens. For instance, 123456789012.
resource-id
The resource identifier. This piece of the ARN can be the name or ID of the resource or a resource way. For instance, user/Bob for an IAM user or instance/I-1234567890abcdef0 for an EC2 instance. Some resource identifiers include a parent resource (sub-resource-type/parent-resource/sub-resource) or a qualifier, for example, a rendition (resource-type:resource-name:qualifier).
Paths in ARNs
Resource ARNs can include in a way. For instance, in Amazon S3, the resource identifier is an article name that can include slices (/) to shape away. Also, IAM user names and gathering names can include paths.
Paths can include a trump card character, in particular an indicator (*). For instance, on the off chance that you are writing an IAM strategy, you can indicate all IAM users that have the way product_1234 using a trump card as follows:
Correspondingly, you can determine user/* to mean all users or group/* to mean all groups, as in the following models:
You can't use a trump card to determine all users in the Principal component in a resource-based arrangement or a job trust strategy. Gatherings are not bolstered as principals in any approach.
The following model shows ARNs for an Amazon S3 container in which the resource name includes in a way:
You can't use a trump card in the part of the ARN that determines the resource type, for example, the term user in an IAM ARN.
The following isn't permitted:
This is how the ARN works if you have any doubts regarding the topic, write to me in the comment section. To read more informative articles on various topics stay connected with the TutorialsLink. Keep reading and stay healthy.
