1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Hello.
I thought, how about setting ReadOnlyAccess and using a Permissions boundary to allow only the necessary services?
For example, if you set ReadOnlyAccess in the IAM policy and set the following Permissions boundary, you can only allow reading to EC2.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "test",
"Effect": "Allow",
"Action": "ec2:*",
"Resource": "*"
}
]
}
関連するコンテンツ
- AWS公式更新しました 2年前