AWS IAM Roles with additive permissions?

0

We'd have an IAM role that allows users to view specific operational cloudwatch logs with sensitive information.

This works, but since the role only grants access to the logs, the user cant perform other tasks while they have assumed the role.

Is there a way to make a role additive, i.e. it grants access to view cloudwatch logs, AND have all the permissions the user has through their groups?

已提问 1 年前230 查看次数
1 回答
0

Afraid that this is the limitation of assuming roles. You’d have to build a role with all the permissions required via a combination of multiple or a singular policy.

profile picture
专家
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则