1 個回答
- 最新
- 最多得票
- 最多評論
0
It is better to give developer members permissions depending on what operations they perform on AWS.
However, it is difficult to identify the necessary permissions from the beginning, so it is better to use the IAM Access Analyzer.
https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_generate-policy.html#access_policies_generate-policy-know
The IAM Access Analyzer makes it possible to create IAM policies based on the most recently performed actions.
So, how about giving the developer Administrator privileges for a month or so to operate the system, and then creating a policy in IAM Access Analyzer?
https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-policy-generation.html
相關內容
- 已提問 6 個月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前