By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to limit access to (deploying) AWS resources for CodeCatalyst users after the carte blanche was given by linking a CodeCatalyst space?

0

After linking a CodeCatalyst space to a AWS account, the account becomes responsible for all costs caused by the space. From the documentation, this seems like a de facto cart blanche. How to limit the abilities of the users with access to the space so they cannot just deploy anything the want. This is not clear to me from the documentation. Limiting developer access to dev environments and not production environments also seems like a challenge, but also a must.

Topics
Security, Identity, & ComplianceAWS Well-Architected FrameworkManagement & GovernanceDeveloper ToolsDevOps
Tags
Security, Identity, & ComplianceSecurityAWS Account ManagementAmazon CodeCatalyst
Language
English
Maarten
asked 7 months ago195 views
1 Answer
0

Hey Maarten,

please check the documentation of the CodeCatalyst - IAM integration: https://docs.aws.amazon.com/codecatalyst/latest/userguide/ipa-iam-roles.html

You can limit the resources that can be deployed through CodeCatalyst by updating the IAM role and "Deny" access to the resources you do not want to get updated.

Let me know if this helps Regards Johannes

profile picture
Lockhead
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content