By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Update policies for continued access to Billing, Cost Management, and Account consoles.

0

I received an email to Update your policies for continued access to Billing, Cost Management, and Account consoles. The Affected Policies tool shows 0 (zero) IAM entities. Do I need to do anything if no IAM entities are using the policy?

1 Answer
0

Hello.

If you are not using AWS Organizations to manage your AWS account, you should be fine.
If your AWS account is managed by AWS Organizations, we recommend that you check whether the corresponding policy is being used in SCP just to be sure.
As stated in the document below, SCPs are not visible in the "Affected Policies tool".

https://aws.amazon.com/jp/blogs/aws-cloud-financial-management/changes-to-aws-billing-cost-management-and-account-consoles-permissions/

Please note that the Affected Policies console only shows impacted IAM policies within the logged-in account and does not display Service control policies (SCPs) that are impacted by this change. Please use the Bulk Policy Migrator scripts to identify and update IAM policies for all accounts within the organization. You will need to log into the AWS Organizations console to view the affected Service Control Policies (SCPs). The remainder of the blog provides details on how you can transition from the existing IAM actions to fine-grained actions in the console. If you manage and maintain IAM policies in a version-controlled repository, be sure to make these same changes to your automation. In case of further questions, contact AWS support.

profile picture
EXPERT
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions