Ir para o conteúdo
Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post
sobre o re:Post

Permissions boundary Usage

0

Can I use the Permissions boundary set on the user group as far as I have understood this can be done on the User or the Role. Can this be used on the user group? I have got the reference from the below AWS docs. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html

Tópicos
Segurança, identidade e conformidade
Tags
Políticas do IAM
Idioma
English
feita há 2 anos626 visualizações
1 Resposta
1

Hello.
Permission boundaries, when set, restrict even IAM groups.
Permission boundaries can only be set for IAM users and IAM roles.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html#access_policies_boundaries-eval-logic

Identity-based policies with boundaries – Identity-based policies are inline or managed policies that are attached to a user, group of users, or role. Identity-based policies grant permission to the entity, and permissions boundaries limit those permissions. The effective permissions are the intersection of both policy types. An explicit deny in either of these policies overrides the allow.

AWS supports permissions boundaries for IAM entities (users or roles).

ESPECIALISTA
respondido há 2 anos
ESPECIALISTA
avaliado há 2 anos
  • rePost-User-5395813
    há 2 anos

    doesn't this mean that Identity-based policies can be used on user, group of users, or role and permissions boundaries limit those permissions.

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Conteúdo relevante