使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

Mobile Application Deployment

1

Hello All,

My question is regarding policy if a developer ask for permissions for S3, Code Commit, EBS and LightSail then what all permissions should i grant him?

S3- AmazonS3FullAccess CodeCommit-AWSCodeCommitPowerUser Lightsail-LightsailExportAccess EBS- Do i need to provide EC2 full access or is there any specific permission i can provide for EBS?

Thanks, Monica

主題
開發人員工具運算儲存空間
標籤
AWS CodeCommitAmazon LightsailS3 Select
語言
English
Monica
已提問 1 年前檢視次數 215 次
1 個回答
1
已接受的答案

Allowing full access allows operation.
But IAM best practice is least privilege permissions.
Therefore, we recommend creating an IAM policy that allows developers to do only what they need to do.
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege

It is possible to create an EBS volume with EC2 full access, but if you only want to create it, you can create it by allowing "ec2:CreateVolume".
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html

profile picture
專家
Riku_Kobayashi
已回答 1 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容