Questions tagged with IAM Policies
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
All of the examples I've seen on setting up IC users with the access to assume a role involves permission sets which is only available in the multi-account configuration using organizations. I am not...
1
answers
0
votes
181
views
asked 3 months agolg...
When I refer to this documentations: https://docs.aws.amazon.com/appsync/latest/devguide/merged-api.html, it seems like merged APIs are intended for development purposes only. Can we use a merged API,...
1
answers
0
votes
476
views
asked 3 months agolg...
Lambda role assuming a role in same account to list bucket in different account gives NoSuchBucketlg...
Hi
I have lambda role in account A and another role s3Role in same account A (this is required by usecase). s3Role has access to read, list and put permissions for s3 bucket in account B. Account B...
1
answers
0
votes
117
views
asked 3 months agolg...
Regarding Amazon Neptune and IAM authentication, can I create a policy that allows me to restrict access to certain nodes or edges with a certain property or label? I need to be able to grant...
1
answers
0
votes
176
views
asked 3 months agolg...
Hi all,
I have 2 accounts:
- Mgmt (SSO enabled)
- Development (RDS)
I have **SSO** configured with a group (team_leaders) and permission set (TeamLeaderAccess).
Are part of this group:
- john
-...
1
answers
0
votes
392
views
asked 3 months agolg...
I encountered an issue when attempting to access my EC2 instance using Session Manager after a sudden power outage. Upon reconnecting, I received the following error message:
```
An error occurred...
2
answers
0
votes
1343
views
asked 3 months agolg...
The `AddLayerVersionPermission` operation is used to control resource-based access for Lambda Layers. Currently only one action is allowed which is `lambda:GetLayerVersion`. This is restricted by a...
0
answers
5
votes
68
views
asked 3 months agolg...
I'm creating an app where you can create an organization, invite people to join it and end up using Sagemaker Studio, and therefore Canvas. Everything works perfectly until I want users to only be...
1
answers
0
votes
140
views
asked 3 months agolg...
Hello, how would I restrict access to ec2-user via putty? So I have two accounts in my instance, user and ec2-user. I want to make it so that I ssh into user and su into ec2-user.
So, I have 2...
1
answers
0
votes
139
views
asked 3 months agolg...
Is it possible to create a policy such that it limits the `s3:RestoreObject` action only to a particular restore tier?
**Example:**
Can we have a policy that only allows "Bulk" restores, but it...
1
answers
0
votes
84
views
asked 3 months agolg...
Hi all,
I'm using AWS Lightsail bucket service.
My account has a following policy but I can't put s3 object with ```--acl public-read``` option. without --acl option it works.
```
{
"Version":...
2
answers
0
votes
125
views
asked 3 months agolg...
Hi,
What about if the user assumes the role and the policy is applied on the STS trust level or the destination? For instance, I have a user who logs into the system with MFA credentials, gets the...
1
answers
0
votes
81
views
asked 3 months agolg...