1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Short answer is to restrict which can "backup:DeleteBackupVaultLockConfiguration" https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackup.html#:~:text=DeleteBackupVaultLockConfiguration
Probably want to layer an Organizational SCP with DENY with condition ArnNotEquals for the arn of the user who you allow to delete the vault lock.
回答済み 1年前
関連するコンテンツ
- AWS公式更新しました 1年前
- AWS公式更新しました 1年前