Questions tagged with IAM Policies
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
When I refer to this documentations: https://docs.aws.amazon.com/appsync/latest/devguide/merged-api.html, it seems like merged APIs are intended for development purposes only. Can we use a merged API,...
1
answers
0
votes
517
views
asked 4 months agolg...
Lambda role assuming a role in same account to list bucket in different account gives NoSuchBucketlg...
Hi
I have lambda role in account A and another role s3Role in same account A (this is required by usecase). s3Role has access to read, list and put permissions for s3 bucket in account B. Account B...
1
answers
0
votes
142
views
asked 4 months agolg...
Regarding Amazon Neptune and IAM authentication, can I create a policy that allows me to restrict access to certain nodes or edges with a certain property or label? I need to be able to grant...
1
answers
0
votes
213
views
asked 4 months agolg...
Hi all,
I have 2 accounts:
- Mgmt (SSO enabled)
- Development (RDS)
I have **SSO** configured with a group (team_leaders) and permission set (TeamLeaderAccess).
Are part of this group:
- john
-...
1
answers
0
votes
517
views
asked 4 months agolg...
I encountered an issue when attempting to access my EC2 instance using Session Manager after a sudden power outage. Upon reconnecting, I received the following error message:
```
An error occurred...
2
answers
0
votes
1789
views
asked 4 months agolg...
The `AddLayerVersionPermission` operation is used to control resource-based access for Lambda Layers. Currently only one action is allowed which is `lambda:GetLayerVersion`. This is restricted by a...
0
answers
5
votes
69
views
asked 4 months agolg...
I'm creating an app where you can create an organization, invite people to join it and end up using Sagemaker Studio, and therefore Canvas. Everything works perfectly until I want users to only be...
1
answers
0
votes
162
views
asked 4 months agolg...
Hello, how would I restrict access to ec2-user via putty? So I have two accounts in my instance, user and ec2-user. I want to make it so that I ssh into user and su into ec2-user.
So, I have 2...
1
answers
0
votes
158
views
asked 4 months agolg...
Is it possible to create a policy such that it limits the `s3:RestoreObject` action only to a particular restore tier?
**Example:**
Can we have a policy that only allows "Bulk" restores, but it...
1
answers
0
votes
104
views
asked 4 months agolg...
Hi all,
I'm using AWS Lightsail bucket service.
My account has a following policy but I can't put s3 object with ```--acl public-read``` option. without --acl option it works.
```
{
"Version":...
2
answers
0
votes
151
views
asked 4 months agolg...
Hi,
What about if the user assumes the role and the policy is applied on the STS trust level or the destination? For instance, I have a user who logs into the system with MFA credentials, gets the...
1
answers
0
votes
98
views
asked 4 months agolg...
I'm trying to implement Attribute based authorization using API Gateway, DynamoDB and Cognito.
For some reason the authorization works fine, but it doesn't work when I refer to the users' Custom...
1
answers
0
votes
157
views
asked 4 months agolg...