Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

How to group IAM policies/roles?

1

I need 3 AWS IAM roles, one per environment. All of these roles have a few common policies, plus one custom per-environment policy. Is there a smart way to configure it (like group or hierarchy) instead of using this:

  • Role1=Policy1+Policy2+Policy3+CustomPolicy1
  • Role2=Policy1+Policy2+Policy3+CustomPolicy2
  • Role3=Policy1+Policy2+Policy3+CustomPolicy3 I.e. is there a way to group (Policy1+Policy2+Policy3)?

TIA, Vitaly

Argomenti
Sicurezza, identità e conformità
Tag
Politiche IAM
Lingua
English
vitaly_il
posta un anno fa293 visualizzazioni
1 Risposta
1

Hello Vitaly,

You can merge the Policy1+Policy2+Policy3 to a single larger policy. The larger policy needs to be deployed in all the environment along with the custom policy. However, Please keep in mind the complexity after merge as it can become an overhead later if need to troubleshoot any issues.

Thanks, Gautam

profile pictureAWS
Gautam Kumar
con risposta un anno fa
  • vitaly_il
    un anno fa

    Gautam, thank you! But agree with you - it's not elegant.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente