2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
I would recommend using IAM Permissions boundaries. They are an extra set of permissions that can be applied that can set max permissions for an IAM entity.
See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
répondu il y a 2 ans
0
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.
répondu il y a 2 ans
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 2 mois
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.