2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
1
Hello.
Try adding the following policy to the IAM user's policy.
If you add this, you will not be able to access CodeCommit unless you go through the VPC endpoint.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:*"
],
"Resource": [
"*"
],
"Condition": {
"StringEquals": {
"aws:sourceVpce": [
"VPC EndPoint ID"
]
}
}
}
]
}
0
Apart finding a proper resource policy, you could use security groups on the vpc interface endpoint and whitelist only IPs you need.
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 4 mois