使用AWS re:Post即您表示您同意 AWS re:Post 使用条款
AWS re:Postre:Post

How to group IAM policies/roles?

1

I need 3 AWS IAM roles, one per environment. All of these roles have a few common policies, plus one custom per-environment policy. Is there a smart way to configure it (like group or hierarchy) instead of using this:

  • Role1=Policy1+Policy2+Policy3+CustomPolicy1
  • Role2=Policy1+Policy2+Policy3+CustomPolicy2
  • Role3=Policy1+Policy2+Policy3+CustomPolicy3 I.e. is there a way to group (Policy1+Policy2+Policy3)?

TIA, Vitaly

主题
安全、身份和合规性
标签
IAM 策略
语言
English
vitaly_il
已提问 1 年前283 查看次数
1 回答
1

Hello Vitaly,

You can merge the Policy1+Policy2+Policy3 to a single larger policy. The larger policy needs to be deployed in all the environment along with the custom policy. However, Please keep in mind the complexity after merge as it can become an overhead later if need to troubleshoot any issues.

Thanks, Gautam

profile pictureAWS
Gautam Kumar
已回答 1 年前
  • vitaly_il
    1 年前

    Gautam, thank you! But agree with you - it's not elegant.

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则

相关内容