Questions tagged with IAM Policies
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Is it possible to create a policy such that it limits the `s3:RestoreObject` action only to a particular restore tier?
**Example:**
Can we have a policy that only allows "Bulk" restores, but it...
1
answers
0
votes
83
views
asked 3 months agolg...
Hi all,
I'm using AWS Lightsail bucket service.
My account has a following policy but I can't put s3 object with ```--acl public-read``` option. without --acl option it works.
```
{
"Version":...
2
answers
0
votes
120
views
asked 3 months agolg...
Hi,
What about if the user assumes the role and the policy is applied on the STS trust level or the destination? For instance, I have a user who logs into the system with MFA credentials, gets the...
1
answers
0
votes
80
views
asked 3 months agolg...
I'm trying to implement Attribute based authorization using API Gateway, DynamoDB and Cognito.
For some reason the authorization works fine, but it doesn't work when I refer to the users' Custom...
1
answers
0
votes
130
views
asked 3 months agolg...
I am trying to prevent human access to DynamoDB table. I'm currently thinking of two approaches
1. Deny based on `aws:PrincipalType` - account and user
2. Allow KMS access only to AWS services
Is...
1
answers
0
votes
117
views
asked 3 months agolg...
Can someone recommend articles that explain the syntax of a custom policy so that I can write good custom policy without doing guess work.
For example when do we need to include condition, why is...
Accepted AnswerIAM Policies
2
answers
0
votes
97
views
asked 3 months agolg...
I am fairly new in AWS and i have set up a S3 bucket and a cloudfront instance from the console for my woocommerce store. After studying for a day i successfully migrated my media files from my wp...
2
answers
0
votes
144
views
asked 3 months agolg...
As the root account holder, I have created an IAM User account for myself. This is recommended as a best practice.
After creating the new IAM User account I am able to log into it the first time. ...
1
answers
0
votes
240
views
asked 3 months agolg...
Hello everyone,
I have been trying to give a user Admin access. Firstly, I created a user group and give that user group AdministratorAccess permission. Then, I created a user and added that user to...
Accepted AnswerIAM Policies
1
answers
0
votes
126
views
asked 3 months agolg...
Hi,
I need to keep minimum privilege access to Amazon Simple Systems Management at the pod level in Amazon Elastic Kubernetes Service (Amazon EKS) from my application with AWS Identity and Access...
1
answers
0
votes
334
views
asked 3 months agolg...
Good morning, I would like to explain my problem and understand what the best solution is for my use case.
My IDP is known where I manage users and groups.
I have 2 groups: **ADMIN,USER**
ADMIN can...
1
answers
0
votes
177
views
asked 3 months agolg...
Hello,
I have a JWT issued by an IDP with `roles=["role1"]`, I would like to match an IAM role based on that JWT role, I tried:
```
{
"Version": "2012-10-17",
"Statement": [
{
"Effect":...
1
answers
0
votes
132
views
asked 3 months agolg...