Questions tagged with IAM Policies
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Regarding Amazon Neptune and IAM authentication, can I create a policy that allows me to restrict access to certain nodes or edges with a certain property or label? I need to be able to grant...
1
answers
0
votes
166
views
asked 3 months agolg...
Hi all,
I have 2 accounts:
- Mgmt (SSO enabled)
- Development (RDS)
I have **SSO** configured with a group (team_leaders) and permission set (TeamLeaderAccess).
Are part of this group:
- john
-...
1
answers
0
votes
356
views
asked 3 months agolg...
I encountered an issue when attempting to access my EC2 instance using Session Manager after a sudden power outage. Upon reconnecting, I received the following error message:
```
An error occurred...
2
answers
0
votes
1198
views
asked 3 months agolg...
The `AddLayerVersionPermission` operation is used to control resource-based access for Lambda Layers. Currently only one action is allowed which is `lambda:GetLayerVersion`. This is restricted by a...
0
answers
5
votes
68
views
asked 3 months agolg...
I'm creating an app where you can create an organization, invite people to join it and end up using Sagemaker Studio, and therefore Canvas. Everything works perfectly until I want users to only be...
1
answers
0
votes
128
views
asked 3 months agolg...
Hello, how would I restrict access to ec2-user via putty? So I have two accounts in my instance, user and ec2-user. I want to make it so that I ssh into user and su into ec2-user.
So, I have 2...
1
answers
0
votes
136
views
asked 3 months agolg...
Is it possible to create a policy such that it limits the `s3:RestoreObject` action only to a particular restore tier?
**Example:**
Can we have a policy that only allows "Bulk" restores, but it...
1
answers
0
votes
80
views
asked 3 months agolg...
Hi all,
I'm using AWS Lightsail bucket service.
My account has a following policy but I can't put s3 object with ```--acl public-read``` option. without --acl option it works.
```
{
"Version":...
2
answers
0
votes
117
views
asked 3 months agolg...
Hi,
What about if the user assumes the role and the policy is applied on the STS trust level or the destination? For instance, I have a user who logs into the system with MFA credentials, gets the...
1
answers
0
votes
78
views
asked 3 months agolg...
I'm trying to implement Attribute based authorization using API Gateway, DynamoDB and Cognito.
For some reason the authorization works fine, but it doesn't work when I refer to the users' Custom...
1
answers
0
votes
127
views
asked 3 months agolg...
I am trying to prevent human access to DynamoDB table. I'm currently thinking of two approaches
1. Deny based on `aws:PrincipalType` - account and user
2. Allow KMS access only to AWS services
Is...
1
answers
0
votes
114
views
asked 3 months agolg...
Can someone recommend articles that explain the syntax of a custom policy so that I can write good custom policy without doing guess work.
For example when do we need to include condition, why is...
Accepted AnswerIAM Policies
2
answers
0
votes
94
views
asked 3 months agolg...