AWS IAM Roles with additive permissions?

0

We'd have an IAM role that allows users to view specific operational cloudwatch logs with sensitive information.

This works, but since the role only grants access to the logs, the user cant perform other tasks while they have assumed the role.

Is there a way to make a role additive, i.e. it grants access to view cloudwatch logs, AND have all the permissions the user has through their groups?

질문됨 일 년 전228회 조회
1개 답변
0

Afraid that this is the limitation of assuming roles. You’d have to build a role with all the permissions required via a combination of multiple or a singular policy.

profile picture
전문가
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠