- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
There are multiple ways to define access to resources within AWS. For instance, permissions for Amazon S3 objects can be configured using a combination of S3 bucket policies, user policies and object ACLs to achieve a complex mix of different access permissions in the same bucket. Please review 'Policies and Permissions within IAM' - https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html & 'Identity and access management in Amazon S3' - https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html for more details.
ABAC - Attribute Based Access Control may also be used here. In ABAC, you tag the resources and allow only IAM users with specific tag to access that resource. For example, you can map Workload A with a tag called "CreatedBy: Team A" and then have the same tag mapped to IAM users of Team A; then only Team A can access Workload A.
Please refer the following documentation for further details https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction_attribute-based-access-control.html
Contenuto pertinente
- AWS UFFICIALEAggiornata 4 mesi fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 4 mesi fa