2 Respostas
- Mais recentes
- Mais votos
- Mais comentários
0
I would recommend using IAM Permissions boundaries. They are an extra set of permissions that can be applied that can set max permissions for an IAM entity.
See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
respondido há 2 anos
0
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.
respondido há 2 anos
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 meses
You can may be attach an SCP at the org level that explicitly prohibits actions that you don't want users and roles in certain accounts to perform.