Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

How to isolate resources for users?

0

So I am trying to prototype a service that will be backed by different aws services. What I want is, that each user in my service have a different resource group in AWS. For example, they can have different SNS pipelines, different SES configurations, etc. How can I achieve that?

Argomenti
Integrazione delle applicazioniDevOpsGestione e amministrazioneSicurezza, identità e conformità
Tag
Amazon Simple Notification Service (SNS)DevOpsGestore account AWSPolitiche IAM
Lingua
English
Vikram
posta un anno fa218 visualizzazioni
2 Risposte
0

It is a good idea to use IAM to divide the resources that each user can access.
With the Resource policy, it is also possible to create settings to allow by user for each ARN.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html

profile picture
ESPERTO
Riku_Kobayashi
con risposta un anno fa
0

If you want to keep all the resources in one account, consider isolating resources via tagging. You can use session tagging along with tagging of the resources to control access. Take a look at these:

Check to see if the services and resources you plan to use support ABAC, AWS services that work with IAM.

profile pictureAWS
ESPERTO
kentrad
con risposta un anno fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente