How to group IAM policies/roles?

1

I need 3 AWS IAM roles, one per environment. All of these roles have a few common policies, plus one custom per-environment policy. Is there a smart way to configure it (like group or hierarchy) instead of using this:

  • Role1=Policy1+Policy2+Policy3+CustomPolicy1
  • Role2=Policy1+Policy2+Policy3+CustomPolicy2
  • Role3=Policy1+Policy2+Policy3+CustomPolicy3

I.e. is there a way to group (Policy1+Policy2+Policy3)?

TIA, Vitaly

Asked 1 year ago · 271 views
1 Answer
1

Hello Vitaly,

You can merge Policy1+Policy2+Policy3 into a single larger policy. The larger policy needs to be deployed in all the environments along with the custom policy. However, please keep in mind the complexity after the merge, as it can become an overhead later if you need to troubleshoot any issues.

Thanks, Gautam

AWS
Answered 1 year ago
  • Gautam, thank you! But agree with you - it's not elegant.
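
The merge suggested in the answer can be scripted so the three common policy documents stay separate in source control and only the deployed policy is combined. This is an added example, not code from the original thread: the sample documents, the function names and the Sid-prefix scheme are assumptions, every input is assumed to use policy version 2012-10-17, and the size check uses the IAM quota of 6,144 non-whitespace characters for a customer managed policy.

```python
import json

# IAM quota for a customer managed policy: 6,144 characters, whitespace not counted.
MAX_CHARS = 6144

def merge_policies(named_docs):
    """Merge {name: policy document} into one document with unique Sids."""
    merged, seen = [], set()
    for name, doc in named_docs.items():
        stmts = doc.get("Statement", [])
        if isinstance(stmts, dict):  # IAM allows a single statement object
            stmts = [stmts]
        # Sids are alphanumeric only, so build the prefix from the policy name.
        prefix = "".join(c for c in name if c.isascii() and c.isalnum())
        for stmt in stmts:
            stmt = dict(stmt)  # copy, so the input documents stay untouched
            sid = stmt.get("Sid")
            if sid in seen:  # same Sid came from an earlier policy
                sid = prefix + sid
            if sid is not None:
                if sid in seen:
                    raise ValueError(f"cannot make Sid unique: {sid}")
                seen.add(sid)
                stmt["Sid"] = sid
            merged.append(stmt)
    return {"Version": "2012-10-17", "Statement": merged}

def policy_size(doc):
    """Character count of the compact JSON, whitespace excluded."""
    text = json.dumps(doc, separators=(",", ":"))
    return sum(1 for c in text if not c.isspace())

# Constructed sample documents standing in for Policy1..Policy3.
SAMPLE = {
    "Policy1": {"Version": "2012-10-17", "Statement": {
        "Sid": "Read", "Effect": "Allow",
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}},
    "Policy2": {"Version": "2012-10-17", "Statement": [{
        "Sid": "Logs", "Effect": "Allow",
        "Action": ["logs:CreateLogStream", "logs:PutLogEvents"], "Resource": "*"}]},
    "Policy3": {"Version": "2012-10-17", "Statement": [{
        "Sid": "Read", "Effect": "Allow",
        "Action": "dynamodb:GetItem", "Resource": "*"}]},
}

if __name__ == "__main__":
    common = merge_policies(SAMPLE)
    assert policy_size(common) <= MAX_CHARS, "merged policy exceeds the quota"
    print(json.dumps(common, indent=2))
```

Each role then carries two attachments, the merged common policy and its own per-environment custom policy. Renamed Sids keep the source policy name, which helps when tracing a statement back to its origin.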
