By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Mobile Application Deployment

1

Hello All,

My question is regarding policy if a developer ask for permissions for S3, Code Commit, EBS and LightSail then what all permissions should i grant him?

S3- AmazonS3FullAccess CodeCommit-AWSCodeCommitPowerUser Lightsail-LightsailExportAccess EBS- Do i need to provide EC2 full access or is there any specific permission i can provide for EBS?

Thanks, Monica

Topics
Developer ToolsComputeStorage
Tags
AWS CodeCommitAmazon LightsailS3 Select
Language
English
Monica
asked a year ago205 views
1 Answer
1
Accepted Answer

Allowing full access allows operation.
But IAM best practice is least privilege permissions.
Therefore, we recommend creating an IAM policy that allows developers to do only what they need to do.
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege

It is possible to create an EBS volume with EC2 full access, but if you only want to create it, you can create it by allowing "ec2:CreateVolume".
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html

profile picture
EXPERT
Riku_Kobayashi
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content