Questions tagged with Service Control Policy
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Nothing to see here!!!!!!!!!!!!!!!!!!!!!!
1
answers
-2
votes
232
views
asked a year agolg...
Greetings,
**Context**
We are in the process of building out our SCPs to fit our specific needs. One of the SCPs we are building is to ***only*** allow approved AWS Services.
We started with the...
1
answers
0
votes
1021
views
asked a year agolg...
I'm trying to setup a scp to prevent iam:CreateUser and iam:CreateAccessKey for all the IAM users except the administrators. The issue is administrators IAM role arn is like...
2
answers
0
votes
654
views
asked a year agolg...
Hi all,
We are using **AWS Control Tower** to manage **AWS Accounts** in our **Landing Zone**,
Unfortunately one of our principal regions (**eu-south-1**) isn't governed by **Control Tower**, so in...
1
answers
0
votes
854
views
asked a year agolg...
Getting the following exception while trying to access the AWS Comprehend using aws_access_key_id, aws_secret_access_key, aws_session_token.
"ClientError: An error occurred (AccessDeniedException)...
1
answers
0
votes
253
views
asked a year agolg...
We have an 'unauthorised API call' alarm that is being tripped by Amazon Inspector.
It's attempting to download windows.zip from an AWS Public Bucket. Here is a snippet of the Cloudwatch log:-
```
...
1
answers
0
votes
514
views
asked a year agolg...
Need help
I just installed codeploy on an Ubuntu EC2 instance and armed a pipeline on bitbucket to trigger deployments. My deployments fail on the first events (ApplicationStop and...
3
answers
0
votes
441
views
asked a year agolg...
I've recently joined an organisation which has EC2 Instances, S3 buckets and Elastic Beanstalk applications. Everything looks empty to me while previous developer has all the access to those services....
1
answers
0
votes
801
views
asked a year agolg...
Hi there,
We have a service control policy attached for our account with explicit Deny on Dynamodb Delete Item.
We have enabled Point in Time Recovery for the tables as well.
When I was trying to...
1
answers
0
votes
247
views
asked a year agolg...
Hi,
For some reason I am not able to create Ubuntu managed nodes in fully private cluster. Though, managed Amazon-Linux nodes and all other self-managed nodes are joining the cluster successfully. I...
0
answers
0
votes
130
views
asked 2 years agolg...
I know we can (and have) locked down access to specific AWS regions. My question is, is it possible to lockdown AZ's with service control policies?
2
answers
0
votes
317
views
asked 2 years agolg...
Hello if you use the Region deny option in AWS Control Tower ist set the Guardrail: Deny access to AWS based on the requested AWS RegionInfo. In this Guardrail the SCP is missing the global Service...
1
answers
0
votes
578
views
asked 2 years agolg...