2 answers
1
You can use the concept of a Token Vending Machine (see here) to create dynamic policies for users when you federate it.
For the EC2 Role, see examples here: https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html
answered 2 years ago
0
I was trying to set this up using Google Workspace, so pretty similar. I was hoping that setting a policy either in IAM Identity Center or directly on the secret if needed, using aws:PrincipalTag with a custom SAML attribute would do the trick. So far zero success, because of lack of knowledge I suppose. The solution of TVM is grossly overkill for my use case, is it the only way?
answered 8 months ago