Questions tagged with Service Control Policy
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hello!
My team has sandboxes for individuals to learn more about AWS, and to test out solutions. We have had issues with individuals not tagging their resources with important tags to identify...
0
answers
1
votes
112
views
asked a year agolg...
The goal is to implement a control similar to an allowlist where only allowed external accounts can assume roles inside the org.
Here’s what I’ve tried:
- tried restricting the sts:assumerole...
2
answers
0
votes
1215
views
asked a year agolg...
Nothing to see here!!!!!!!!!!!!!!!!!!!!!!
1
answers
-2
votes
259
views
asked a year agolg...
Greetings,
**Context**
We are in the process of building out our SCPs to fit our specific needs. One of the SCPs we are building is to ***only*** allow approved AWS Services.
We started with the...
1
answers
0
votes
1194
views
asked a year agolg...
I'm trying to setup a scp to prevent iam:CreateUser and iam:CreateAccessKey for all the IAM users except the administrators. The issue is administrators IAM role arn is like...
2
answers
0
votes
748
views
asked a year agolg...
Hi all,
We are using **AWS Control Tower** to manage **AWS Accounts** in our **Landing Zone**,
Unfortunately one of our principal regions (**eu-south-1**) isn't governed by **Control Tower**, so in...
1
answers
0
votes
985
views
asked a year agolg...
Getting the following exception while trying to access the AWS Comprehend using aws_access_key_id, aws_secret_access_key, aws_session_token.
"ClientError: An error occurred (AccessDeniedException)...
1
answers
0
votes
282
views
asked a year agolg...
We have an 'unauthorised API call' alarm that is being tripped by Amazon Inspector.
It's attempting to download windows.zip from an AWS Public Bucket. Here is a snippet of the Cloudwatch log:-
```
...
1
answers
0
votes
575
views
asked a year agolg...
Need help
I just installed codeploy on an Ubuntu EC2 instance and armed a pipeline on bitbucket to trigger deployments. My deployments fail on the first events (ApplicationStop and...
3
answers
0
votes
476
views
asked a year agolg...
I've recently joined an organisation which has EC2 Instances, S3 buckets and Elastic Beanstalk applications. Everything looks empty to me while previous developer has all the access to those services....
1
answers
0
votes
890
views
asked 2 years agolg...
Hi there,
We have a service control policy attached for our account with explicit Deny on Dynamodb Delete Item.
We have enabled Point in Time Recovery for the tables as well.
When I was trying to...
1
answers
0
votes
274
views
asked 2 years agolg...
Hi,
For some reason I am not able to create Ubuntu managed nodes in fully private cluster. Though, managed Amazon-Linux nodes and all other self-managed nodes are joining the cluster successfully. I...
0
answers
0
votes
140
views
asked 2 years agolg...