En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Cloudwatchfullaccessv2

0

As cloudwatchfullaccess policy is deprecating we have two usergroups attached for this policy and no iam roles, iam users were attached. Can I directly go ahead and detach this policy and attach cloudwatchfullaccessv2 to these user groups? How can I do testing to make sure this new policy is working fine?

Sujets
Sécurité, identité et conformité
Balises
Gestion des identités et des accès AWS
Langue
English
AWSquery
demandé il y a 7 mois347 vues
1 réponse
0

Hello.

I checked the IAM policy diff.
As you can see from the results below, it seems that "autoscaling:Describe*" and "sns:*" are restricted.
Since I had full access to SNS, I think that if I set it to "CloudWatchFullAccessV2", I would not be able to delete anything.
With AutoScaling, "DescribeLifecycleHooks" is removed, so you will no longer be able to see the lifecycle settings from the screen.

diff CloudWatchFullAccess.json CloudWatchFullAccessV2.json
4a5
>             "Sid": "CloudWatchFullAccessPermissions",
7c8,10
<                 "autoscaling:Describe*",
---
>                 "application-autoscaling:DescribeScalingPolicies",
>                 "autoscaling:DescribeAutoScalingGroups",
>                 "autoscaling:DescribePolicies",
10c13,17
<                 "sns:*",
---
>                 "sns:CreateTopic",
>                 "sns:ListSubscriptions",
>                 "sns:ListSubscriptionsByTopic",
>                 "sns:ListTopics",
>                 "sns:Subscribe",
18a26
>             "Sid": "EventsServicePermissions",
28a37
>             "Sid": "OAMReadPermissions",
profile picture
EXPERT
Riku_Kobayashi
répondu il y a 7 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents