Is there an acceptable use case of "Effect: Allow" with NotPrincipal? I struggle to find a use case.
I understand the following, so I want to find an actual use case for Allow and NotPrincipal.
We strongly recommend that you do not use NotPrincipal in the same policy statement as "Effect": "Allow". Doing so allows all principals except the one named in the NotPrincipal element. We do not recommend this because the permissions specified in the policy statement will be granted to all principals except for the ones specified. By doing this, you might grant access to anonymous (unauthenticated) users.
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_notprincipal.html
AWS 官方已更新 2 年前