1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
The "root" user of an account can be restricted using Service control policies (SCPs), in AWS Organizations. The error you describe implies that there might be an SCP in place.
You can verify the presence of an SCP by navigating to AWS Organizations, and then check the "Policies" on the OU where the account is located. Note that SCPs might also be created by AWS Control Tower (if you use it), so please be careful changing existing SCP.
Please also note that there is a total of ~10 actions which really require root user permissions. Following least privilege, I therefore recommend not using this user unless you need to execute one of those actions, and use (preferably) IAM Identity Center access or (if needed) IAM users instead.
beantwortet vor 6 Monaten
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 7 Monaten
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 4 Monaten