AWS IAM Roles with additive permissions?

0

We'd have an IAM role that allows users to view specific operational cloudwatch logs with sensitive information.

This works, but since the role only grants access to the logs, the user cant perform other tasks while they have assumed the role.

Is there a way to make a role additive, i.e. it grants access to view cloudwatch logs, AND have all the permissions the user has through their groups?

質問済み 1年前228ビュー
1回答
0

Afraid that this is the limitation of assuming roles. You’d have to build a role with all the permissions required via a combination of multiple or a singular policy.

profile picture
エキスパート
回答済み 1年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ