Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

How to isolate resources for users?

0

So I am trying to prototype a service that will be backed by different aws services. What I want is, that each user in my service have a different resource group in AWS. For example, they can have different SNS pipelines, different SES configurations, etc. How can I achieve that?

Topics
Application IntegrationDevOpsManagement & GovernanceSecurity, Identity, & Compliance
Tags
DevOpsAmazon Simple Notification Service (SNS)IAM PoliciesAWS Account Management
Language
English
asked 3 years ago401 views
2 Answers
0

It is a good idea to use IAM to divide the resources that each user can access.
With the Resource policy, it is also possible to create settings to allow by user for each ARN.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html

EXPERT
answered 3 years ago
0

If you want to keep all the resources in one account, consider isolating resources via tagging. You can use session tagging along with tagging of the resources to control access. Take a look at these:

Check to see if the services and resources you plan to use support ABAC, AWS services that work with IAM.

AWS
EXPERT
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content