Mobile Application Deployment

Hello All,

My question is regarding policy if a developer ask for permissions for S3, Code Commit, EBS and LightSail then what all permissions should i grant him?

S3- AmazonS3FullAccess CodeCommit-AWSCodeCommitPowerUser Lightsail-LightsailExportAccess EBS- Do i need to provide EC2 full access or is there any specific permission i can provide for EBS?

Thanks, Monica

主题

开发者工具计算存储

标签

AWS CodeCommit Amazon Lightsail S3 精选

语言

English

Monica

已提问 1 年前215 查看次数

1 回答

最新
投票最多
评论最多

已接受的回答

Allowing full access allows operation.
But IAM best practice is least privilege permissions.
Therefore, we recommend creating an IAM policy that allows developers to do only what they need to do.
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege

It is possible to create an EBS volume with EC2 full access, but if you only want to create it, you can create it by allowing "ec2:CreateVolume".
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html

专家

Riku_Kobayashi

已回答 1 年前

Riku_Kobayashi 专家
1 年前
You will need to create a custom IAM policy using the instructions in this document. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html#access_policies_create-json-editor
Monica
1 年前

If i have to give EBS permission to developer then what all permission do i have to assign them other permissions as well with EC2:CreateVolume?

Do i have to mention the Volume Size? Can you give some sample JSON code that i can use?

How much size is required for application, i have to ask developer and tell AWS ? Or i can directly specify it in JSON Code?

Mobile Application Deployment

相关内容