How to set up accounts with different permissions


We have a cloud in AWS and a security policy that allows a maximum of three users to have full access to create/edit services. I assume the full access is using the "root" account.

We have a requirement for other users to have full access.

Is it not possible to create another AWS "admin" or "power user account" and customize permissions as needed using security roles and privileges so they can create/edit services as needed?

Can access customization be set at the VPC, Subnet, or server levels? For example, they have a test VPC and production VPC with a few subnets in each.

Is it possible to create an "admintest" AWS account and assign it an ADMINTEST_ROLE so they can do anything (create/edit services) in TEST_VPC?

Thank you,

1 Answer
Accepted Answer

You can use IAM services to define the policies for each user, ranging from no access to full admin access. Here is some documentation that will help you get familiar with the IAM service: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html

If you are not familiar with IAM, you might want to watch this video to familiarize yourself with the service: https://www.youtube.com/watch?v=z-tbVVojMp0

AWS
answered 10 months ago
EXPERT
reviewed 10 months ago
  • Hi

    Great information. I found this link too to be useful on how to organize groups and users

    https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_access-management.html

    Does your reply mean I can set up/customize policies in any form I need and assign them to a group/user so I can define full permissions for a user at VPC level or subnet or multiple VPCs?

    Thanks,

  • The permissions defined in policies will define which users (in IAM terminology, which Principals) will be able to do which actions (create, delete, see, modify, etc.) on which resources (VPCs, EC2 instances, etc.).
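
As an added illustration of the principal/action/resource model described in the thread (not part of the original answer or comments), the following identity-based policy could be attached to a role such as the ADMINTEST_ROLE from the question so that its users can launch EC2 instances only into subnets of the test VPC. The region `us-east-1`, the account ID `111122223333` and the VPC ID `vpc-EXAMPLE` are placeholders, and the `Sid` names are descriptive labels chosen for this example.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DescribeNeedsWildcardResource",
      "Effect": "Allow",
      "Action": "ec2:Describe*",
      "Resource": "*"
    },
    {
      "Sid": "LaunchOnlyIntoTestVpcSubnets",
      "Effect": "Allow",
      "Action": "ec2:RunInstances",
      "Resource": "arn:aws:ec2:us-east-1:111122223333:subnet/*",
      "Condition": {
        "ArnEquals": {
          "ec2:Vpc": "arn:aws:ec2:us-east-1:111122223333:vpc/vpc-EXAMPLE"
        }
      }
    },
    {
      "Sid": "OtherResourcesRunInstancesTouches",
      "Effect": "Allow",
      "Action": "ec2:RunInstances",
      "Resource": [
        "arn:aws:ec2:us-east-1::image/ami-*",
        "arn:aws:ec2:us-east-1:111122223333:instance/*",
        "arn:aws:ec2:us-east-1:111122223333:volume/*",
        "arn:aws:ec2:us-east-1:111122223333:network-interface/*",
        "arn:aws:ec2:us-east-1:111122223333:key-pair/*",
        "arn:aws:ec2:us-east-1:111122223333:security-group/*"
      ]
    }
  ]
}
```

IAM has no single "admin of this VPC" switch: each action has to be scoped through the resource ARNs and condition keys it supports, and `ec2:Describe*` actions do not support resource-level permissions, which is why the first statement uses `"Resource": "*"`. Anything not explicitly allowed is denied by default, so a launch into a subnet of the production VPC fails the `ec2:Vpc` condition and is refused.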
