1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
0
Short answer is to restrict which can "backup:DeleteBackupVaultLockConfiguration" https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsbackup.html#:~:text=DeleteBackupVaultLockConfiguration
Probably want to layer an Organizational SCP with DENY with condition ArnNotEquals for the arn of the user who you allow to delete the vault lock.
respondido há um ano
Conteúdo relevante
- AWS OFICIALAtualizada há um ano