2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
Hello.
You must operate with an IAM Identity Center administrative account and assign the necessary permissions.
https://docs.aws.amazon.com/singlesignon/latest/userguide/permissionsetcustom.html
Alternatively, IAM Identity Center administration can be delegated to a specific member account.
In that case, it will be possible to operate the IAM Identity Center from a delegated member account and assign privileges.
https://docs.aws.amazon.com/singlesignon/latest/userguide/permissionsetcustom.html
0
Thanks Riku. 1 I can't set policies for SSO users like in IAM anymore, right? 2 May I grant ReadOnly to all SSO users, create IAM role, let SSO user assume role when they need?
con risposta 9 mesi fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 4 mesi fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
It cannot be operated from the IAM screen. Attach IAM policies in the IAM Identity Center permission set.
Do you want to set a set of permissions for a user with a ReadOnly policy? SSO users can be assigned multiple sets of privileges. For example, if an SSO user is assigned the ReadOnly permission set and the PowerUser permission set, the user can switch between the two permission sets when necessary.