2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
I would recommend using IAM Permissions boundaries. They are an extra set of permissions that can be applied that can set max permissions for an IAM entity.
See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
con risposta 2 anni fa
0
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.
con risposta 2 anni fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.