- Le plus récent
- Le plus de votes
- La plupart des commentaires
I've tried it and figured out that attaching IAM policy arn:aws:iam::aws:policy/AWSSupportAccess
to IAM user is not enough. I've attached it to one group and one IAM role, reevaluated the AWS Config rule, and it became Compliant
Thank you for answer. But I didn't understand it properly. To all user groups and roles in iam Do I need to attach the arn:aws:iam::aws:policy/AWSSupportAccess policy? The way I did it IAM policy - Check the AWSSupportAccess checkbox - Actions - Connect - Check everything that appears in the IAM entity - Attach policy This will attach the AWSSupportAccess policy to all IAM ROLEs and user groups. Of course, it is only added to the ROLE I created, not the ROLE created by AWS. If you then re-evaluate your AWS CONFIG, it will be marked as non-compliant.
You don't need to add AWSSupportAccess policy to ALL IAM users and group 1 user and 1 group is enough
Contenus pertinents
- demandé il y a 5 jours
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 10 mois
- AWS OFFICIELA mis à jour il y a 3 ans
Please accept the answer if it was useful for you