- Mais recentes
- Mais votos
- Mais comentários
Hello.
The following policy denies domain transfer actions and hosted zone deletion.
All other actions are allowed.
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53domains.html
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53.html
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
},
{
"Effect": "Deny",
"Action": [
"route53domains:AcceptDomainTransferFromAnotherAwsAccount",
"route53domains:CancelDomainTransferToAnotherAwsAccount",
"route53domains:CheckDomainTransferability",
"route53domains:DisableDomainTransferLock",
"route53domains:EnableDomainTransferLock",
"route53domains:RejectDomainTransferFromAnotherAwsAccount",
"route53domains:TransferDomain",
"route53domains:TransferDomainToAnotherAwsAccount",
"route53:DeleteHostedZone"
],
"Resource": "*"
}
]
}
IAM users cannot cancel their AWS accounts, so No. 2 does not require any action if you are an IAM user.
https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-closing.html#close-account-procedure
Sign in to the AWS Management Console as the root user in the AWS account that you want to close. You can't close an account while signed in as an IAM user or role.
Choose which option in aws to set this at user??
}, { "Effect": "Deny", "Action": [ "route53domains:AcceptDomainTransferFromAnotherAwsAccount", "route53domains:CancelDomainTransferToAnotherAwsAccount", "route53domains:CheckDomainTransferability", "route53domains:DisableDomainTransferLock", "route53domains:EnableDomainTransferLock", "route53domains:RejectDomainTransferFromAnotherAwsAccount", "route53domains:TransferDomain", "route53domains:TransferDomainToAnotherAwsAccount", "route53:DeleteHostedZone" ], "Resource": "*"
I try route53:DeleteDomain , for "deny of delete domain". It show an error.
What is the right code for json to deny of delete domain ??
Conteúdo relevante
- AWS OFICIALAtualizada há 2 meses
You can create an IAM policy by selecting and pasting "JSON" as shown below. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html
Added "DeleteDomain". https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonroute53domains.html